Do not send token for asset requests

2023-09-07 15:51:55 +02:00 · 2023-09-07 15:51:55 +02:00 · 669b4cfcdd
parent ec66d0062d
commit 669b4cfcdd
1 changed files with 5 additions and 1 deletions
--- a/frontend/src/app/_providers/auth-interceptor.provider.ts
+++ b/frontend/src/app/_providers/auth-interceptor.provider.ts
@ -74,7 +74,11 @@ export class AuthInterceptor implements HttpInterceptor {

  updateRequest(req: HttpRequest<any>): HttpRequest<any> {
    //If request is absolute, don't add XSRF token or Bearer token
-    if (req.url.startsWith('http') || req.url.startsWith('//')) return req;
+    if (
+      req.url.startsWith('http') ||
+      req.url.startsWith('//') ||
+      req.url.includes('/assets/')
+    ) return req;

    req = this.addXsrfToken(req);
    if(this.authToken.getToken() !== '') req = this.addBearerToken(req);