Pulse/internal
rcourtman d52ac6d8b5 Fix CSRF token validation and improve token management
- Add Access-Control-Expose-Headers to allow frontend to read X-CSRF-Token response header
- Implement proactive CSRF token issuance on GET requests when session exists but CSRF cookie is missing
- Ensures frontend always has valid CSRF token before making POST requests
- Fixes 403 Forbidden errors when toggling system settings

This resolves CSRF validation failures that occurred when CSRF tokens expired or were missing while valid sessions existed.
2025-11-05 09:23:44 +00:00
..
alerts chore: snapshot current changes 2025-11-02 22:47:55 +00:00
api Fix CSRF token validation and improve token management 2025-11-05 09:23:44 +00:00
auth Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
config Fix CSRF token validation and improve token management 2025-11-05 09:23:44 +00:00
crypto Harden setup token flow and enforce encrypted persistence 2025-10-25 16:00:37 +00:00
discovery Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
dockeragent Update docker CPU metrics and add OpenRC installer support (Refs #255) 2025-11-04 22:16:50 +00:00
errors Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
hostagent Normalize docker agent version handling 2025-10-28 08:42:58 +00:00
hostmetrics Normalize docker agent version handling 2025-10-28 08:42:58 +00:00
logging feat: comprehensive diagnostics and observability improvements 2025-10-21 12:37:39 +00:00
mock Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
models Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
monitoring Fix CSRF token validation and improve token management 2025-11-05 09:23:44 +00:00
notifications Implement Pulse tag overrides and alert clear persistence 2025-10-25 14:28:32 +00:00
ssh/knownhosts security: complete Phase 1 sensor proxy hardening 2025-10-20 15:13:37 +00:00
system Enhance container detection for temperature SSH safeguards (refs #601) 2025-11-04 22:30:35 +00:00
tempproxy security: add resilience and error handling to tempproxy client 2025-10-19 16:37:11 +00:00
types Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
updates Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
utils Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
websocket refactor: use strconv.Itoa instead of string(rune()) in test 2025-10-20 15:12:14 +00:00