Commit b9ccf284 authored by Primsi's avatar Primsi
Browse files

Issue #2550279 by Primsi: The CSRF token sent through drupalSettings as part...

Issue #2550279 by Primsi: The CSRF token sent through drupalSettings as part of the upload url is incorrect
parent 05c55b34
......@@ -14,11 +14,12 @@
Dropzone.autoDiscover = false;
var selector = $(".dropzone-enable");
selector.addClass("dropzone");
var input = selector.siblings('input');
// Initiate dropzonejs.
var config = {
url: drupalSettings.dropzonejs.upload_path,
addRemoveLinks: true,
url: input.attr('data-upload-path'),
addRemoveLinks: true
};
var instanceConfig = drupalSettings.dropzonejs.instances[selector.attr('id')];
var dropzoneInstance = new Dropzone("#" + selector.attr("id"), $.extend({}, instanceConfig, config));
......
......@@ -8,7 +8,6 @@
namespace Drupal\dropzonejs\Element;
use Drupal\Component\Utility\Bytes;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Render\Element\FormElement;
......@@ -71,6 +70,10 @@ class DropzoneJs extends FormElement {
'#type' => 'hidden',
// @todo Handle defaults.
'#default_value' => '',
// If we send a url with a token through drupalSettings the placeholder
// doesn't get replaced, because the actual scripts markup is not there
// yet. So we pass this information through a data attribute.
'#attributes' => ['data-upload-path' => \Drupal::url('dropzonejs.upload')],
];
return $element;
......@@ -92,7 +95,6 @@ class DropzoneJs extends FormElement {
$max_size = round(Bytes::toInt($element['#max_filesize']) / pow(Bytes::KILOBYTE, 2), 2);
$element['#attached']['drupalSettings']['dropzonejs'] = [
'upload_path' => \Drupal::url('dropzonejs.upload'),
'instances' => [
// Configuration keys are matched with DropzoneJS configuration
// options.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment