Delay assignment of csrftoken (#1289)

c-py · web-flow · commit 05d3df92e7be · 2022-09-24T15:59:53.000+03:00
diff --git a/graphene_django/static/graphene_django/graphiql.js b/graphene_django/static/graphene_django/graphiql.js
@@ -10,14 +10,6 @@
   history,
   location,
 ) {
-  // Parse the cookie value for a CSRF token
-  var csrftoken;
-  var cookies = ("; " + document.cookie).split("; csrftoken=");
-  if (cookies.length == 2) {
-    csrftoken = cookies.pop().split(";").shift();
-  } else {
-    csrftoken = document.querySelector("[name=csrfmiddlewaretoken]").value;
-  }
 
   // Collect the URL parameters
   var parameters = {};
@@ -68,9 +60,19 @@
     var headers = opts.headers || {};
     headers['Accept'] = headers['Accept'] || 'application/json';
     headers['Content-Type'] = headers['Content-Type'] || 'application/json';
+
+    // Parse the cookie value for a CSRF token
+    var csrftoken;
+    var cookies = ("; " + document.cookie).split("; csrftoken=");
+    if (cookies.length == 2) {
+      csrftoken = cookies.pop().split(";").shift();
+    } else {
+      csrftoken = document.querySelector("[name=csrfmiddlewaretoken]").value;
+    }
     if (csrftoken) {
       headers['X-CSRFToken'] = csrftoken
     }
+
     return fetch(fetchURL, {
       method: "post",
       headers: headers,
