Commit b9ccf284 authored by Primsi's avatar Primsi
Browse files

Issue #2550279 by Primsi: The CSRF token sent through drupalSettings as part...

Issue #2550279 by Primsi: The CSRF token sent through drupalSettings as part of the upload url is incorrect
parent 05c55b34
...@@ -14,11 +14,12 @@ ...@@ -14,11 +14,12 @@
Dropzone.autoDiscover = false; Dropzone.autoDiscover = false;
var selector = $(".dropzone-enable"); var selector = $(".dropzone-enable");
selector.addClass("dropzone"); selector.addClass("dropzone");
var input = selector.siblings('input');
// Initiate dropzonejs. // Initiate dropzonejs.
var config = { var config = {
url: drupalSettings.dropzonejs.upload_path, url: input.attr('data-upload-path'),
addRemoveLinks: true, addRemoveLinks: true
}; };
var instanceConfig = drupalSettings.dropzonejs.instances[selector.attr('id')]; var instanceConfig = drupalSettings.dropzonejs.instances[selector.attr('id')];
var dropzoneInstance = new Dropzone("#" + selector.attr("id"), $.extend({}, instanceConfig, config)); var dropzoneInstance = new Dropzone("#" + selector.attr("id"), $.extend({}, instanceConfig, config));
......
...@@ -8,7 +8,6 @@ ...@@ -8,7 +8,6 @@
namespace Drupal\dropzonejs\Element; namespace Drupal\dropzonejs\Element;
use Drupal\Component\Utility\Bytes; use Drupal\Component\Utility\Bytes;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\NestedArray; use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Render\Element\FormElement; use Drupal\Core\Render\Element\FormElement;
...@@ -71,6 +70,10 @@ class DropzoneJs extends FormElement { ...@@ -71,6 +70,10 @@ class DropzoneJs extends FormElement {
'#type' => 'hidden', '#type' => 'hidden',
// @todo Handle defaults. // @todo Handle defaults.
'#default_value' => '', '#default_value' => '',
// If we send a url with a token through drupalSettings the placeholder
// doesn't get replaced, because the actual scripts markup is not there
// yet. So we pass this information through a data attribute.
'#attributes' => ['data-upload-path' => \Drupal::url('dropzonejs.upload')],
]; ];
return $element; return $element;
...@@ -92,7 +95,6 @@ class DropzoneJs extends FormElement { ...@@ -92,7 +95,6 @@ class DropzoneJs extends FormElement {
$max_size = round(Bytes::toInt($element['#max_filesize']) / pow(Bytes::KILOBYTE, 2), 2); $max_size = round(Bytes::toInt($element['#max_filesize']) / pow(Bytes::KILOBYTE, 2), 2);
$element['#attached']['drupalSettings']['dropzonejs'] = [ $element['#attached']['drupalSettings']['dropzonejs'] = [
'upload_path' => \Drupal::url('dropzonejs.upload'),
'instances' => [ 'instances' => [
// Configuration keys are matched with DropzoneJS configuration // Configuration keys are matched with DropzoneJS configuration
// options. // options.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment