Set the XSRF token header

描述

貢獻者指南

技術棧

pythonjavascript

領域

full stack

議題類型

feature

難度面向新貢獻者的預計實作難度，1 表示很小改動，5 表示專家級工作。

3

預計時間有經驗貢獻者完成調查、實作、測試並準備 pull request 的粗略時間範圍。

1-3 hours

活動狀態議題目前的可參與程度：新鮮、活躍、陳舊、阻塞或等待維護者輸入。

stale

清晰度議題是否清楚說明預期改動、驗收標準和下一步。

needs investigation

前置要求

Basic understanding of AngularJS $http serviceFamiliarity with XSRF/CSRF protection conceptsAccess to Redash development environment

新手友善度1-100 的估計分數，表示該議題對首次貢獻者的友善程度。

30

研究方向

Start by reviewing the AngularJS documentation for $http XSRF protection linked in the issue. Then locate the AngularJS configuration file (commonly app.js or similar) in the Redash frontend codebase to understand how $httpProvider is currently set up. Next, investigate the backend (likely Flask or Django) to see if it already sends an XSRF token cookie and how to read it. Finally, determine the best approach to set the default header for all $http requests. Consult existing similar PRs or comments in the repository for guidance.