Remove no-longer needed inclusion of xsrf token

This is no longer needed because the token is now included; in fact the inclusion now prevents the second instance from accepting the request.
nebari-dev · Jul 28, 2024 · bda5054 · bda5054
1 parent ef56fc6
commit bda5054
Showing 1 changed file with 1 addition and 7 deletions.
diff --git a/src/handler.ts b/src/handler.ts
@@ -74,13 +74,7 @@ export function eventStream(
   namespace: string
 ): IEventStream {
   const settings = ServerConnection.makeSettings();
-  let requestUrl = URLExt.join(settings.baseUrl, namespace, endPoint);
-  const xsrfTokenMatch = document.cookie.match('\\b_xsrf=([^;]*)\\b');
-  if (xsrfTokenMatch) {
-    const fullUrl = new URL(requestUrl);
-    fullUrl.searchParams.append('_xsrf', xsrfTokenMatch[1]);
-    requestUrl = fullUrl.toString();
-  }
+  const requestUrl = URLExt.join(settings.baseUrl, namespace, endPoint);
   const controller = new AbortController();
   const promise = fetchEventSource(requestUrl, {
     onmessage: event => {