Pulse/frontend-modern
rcourtman d52ac6d8b5 Fix CSRF token validation and improve token management
- Add Access-Control-Expose-Headers to allow frontend to read X-CSRF-Token response header
- Implement proactive CSRF token issuance on GET requests when session exists but CSRF cookie is missing
- Ensures frontend always has valid CSRF token before making POST requests
- Fixes 403 Forbidden errors when toggling system settings

This resolves CSRF validation failures that occurred when CSRF tokens expired or were missing while valid sessions existed.
2025-11-05 09:23:44 +00:00
..
public Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
src Fix CSRF token validation and improve token management 2025-11-05 09:23:44 +00:00
.eslintignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.eslintrc.cjs Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.gitignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierignore Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
.prettierrc Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
index.html Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
package-lock.json Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
package.json Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
postcss.config.js Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tailwind.config.js fix: prevent guest link icon from re-animating on WebSocket updates 2025-10-24 09:27:06 +00:00
tsconfig.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
tsconfig.node.json Fix settings security tab navigation 2025-10-11 23:29:47 +00:00
vite.config.ts Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00