File tree Expand file tree Collapse file tree 1 file changed +11
-0
lines changed Expand file tree Collapse file tree 1 file changed +11
-0
lines changed Original file line number Diff line number Diff line change @@ -38,6 +38,17 @@ export default defineConfig({
3838 } ,
3939 server : {
4040 port : process . env . PORT ? Number ( process . env . PORT ) : 8080 ,
41+ headers : {
42+ // This header corresponds to "src/api/api.ts"'s hardcoded FE token.
43+ // This is the secret side of the CSRF double cookie submit method.
44+ // This should be sent on **every** response from the webserver.
45+ //
46+ // This is required because in production, the Golang webserver generates
47+ // this "Set-Cookie" header. The Vite webserver needs to replicate this
48+ // behavior. Instead of implementing CSRF though, we just use static
49+ // values for simplicity.
50+ "Set-Cookie" : "csrf_token=JXm9hOUdZctWt0ZZGAy9xiS/gxMKYOThdxjjMnMUyn4=; Path=/; HttpOnly; SameSite=Lax" ,
51+ } ,
4152 proxy : {
4253 "/api" : {
4354 ws : true ,
You can’t perform that action at this time.
0 commit comments