Pulse/frontend-modern
rcourtman 8dad0872ae Fix CSRF token parsing in config export/import (related to #646)
The config backup export and import functions were incorrectly parsing
the CSRF token from cookies, causing "Export requires authentication"
errors even when users were properly logged in.

Two issues were fixed:

1. Cookie parsing used `.split('=')[1]` which truncated tokens containing
   `=` padding characters (common in base64 tokens). Fixed by using
   `.split('=').slice(1).join('=')` to preserve the full value.

2. Missing URL decoding of the cookie value. Browsers percent-encode
   cookie values, so `=` becomes `%3D`. The backend then failed to match
   the encoded token hash. Fixed by adding `decodeURIComponent()`.

Both fixes mirror the pattern already used in apiClient.ts.
2025-11-08 11:17:18 +00:00
..
public Add Windows ARM64 support for host agent (related to #654) 2025-11-07 12:18:57 +00:00
src Fix CSRF token parsing in config export/import (related to #646) 2025-11-08 11:17:18 +00:00
.eslintignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.eslintrc.cjs Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.gitignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierrc Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
index.html Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
package-lock.json Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
package.json Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
postcss.config.js Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tailwind.config.js fix: prevent guest link icon from re-animating on WebSocket updates 2025-10-24 09:27:06 +00:00
tsconfig.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tsconfig.node.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
vite.config.ts Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00