Skip to content
This repository was archived by the owner on Feb 10, 2025. It is now read-only.

Commit e11df5d

Browse files
committed
fix: middleware failing csrf check
1 parent bce1796 commit e11df5d

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

apps/ui/middleware.ts

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,11 @@ async function isLoggedIn(req: NextRequest) {
4242
newHeaders.append("Cookie", `sessionid=${sessionid.value}`);
4343
newHeaders.append("Cookie", `csrftoken=${csrfToken.value}`);
4444

45+
const proto = headers.get("x-forwarded-proto") ?? "http";
46+
const hostname = headers.get("x-forwarded-host") ?? headers.get("host") ?? "";
47+
const requestUrl = new URL(req.url).pathname;
48+
const referer = `${proto}://${hostname}${requestUrl}`;
49+
newHeaders.append("Referer", referer);
4550
// Use of fetch requires a string body (vs. gql query object)
4651
// the request returns either a valid user (e.g. pk) or null if user was not found
4752
const body: string = JSON.stringify({

0 commit comments

Comments
 (0)