Rev 1050 | Rev 1130 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1050 | Rev 1060 | ||
|---|---|---|---|
| Line 67... | Line 67... | ||
| 67 | 67 | ||
| 68 | //$tbl_prefix = OIDplus::baseConfig()->getValue('TABLENAME_PREFIX',''); |
68 | //$tbl_prefix = OIDplus::baseConfig()->getValue('TABLENAME_PREFIX',''); |
| 69 | //$files[] = 'var language_tblprefix = '.json_encode($tbl_prefix).';'; |
69 | //$files[] = 'var language_tblprefix = '.json_encode($tbl_prefix).';'; |
| 70 | $files[] = 'var language_tblprefix = "<tableprefix>";'; // hide TABLENAME_PREFIX from the client |
70 | $files[] = 'var language_tblprefix = "<tableprefix>";'; // hide TABLENAME_PREFIX from the client |
| 71 | 71 | ||
| - | 72 | $files[] = 'var oidplus_webpath = '.js_escape(OIDplus::webpath(null, OIDplus::PATH_RELATIVE_TO_ROOT)).';'; |
|
| - | 73 | ||
| 72 | // The CSRF token is set by index.php |
74 | // The CSRF token is set by index.php |
| 73 | // TODO: can there race-conditions if we set csrf_token here? Or should we set it as inline-script in index.php ? |
75 | // TODO: can there race-conditions if we set csrf_token here? Or should we set it as inline-script in index.php ? |
| 74 | $files[] = 'var csrf_token = '.js_escape(isset($_COOKIE['csrf_token']) ? $_COOKIE['csrf_token'] : '').';'; |
76 | $files[] = 'var csrf_token = '.js_escape(isset($_COOKIE['csrf_token']) ? $_COOKIE['csrf_token'] : '').';'; |
| 75 | 77 | ||
| 76 | $files[] = 'var samesite_policy = '.js_escape(OIDplus::baseConfig()->getValue('COOKIE_SAMESITE_POLICY','Strict')).';'; |
78 | $files[] = 'var samesite_policy = '.js_escape(OIDplus::baseConfig()->getValue('COOKIE_SAMESITE_POLICY','Strict')).';'; |