fix add customer to post and csrf

pimcore · Nov 2, 2023 · cd97ec5 · cd97ec5
1 parent 271dd16
commit cd97ec5
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 3 deletions.
diff --git a/frontend/js/functions.js b/frontend/js/functions.js
@@ -98,7 +98,11 @@
                     return false;
                 }
                 $.ajax({
+                    method : 'POST',
                     url: '/admin/customermanagementframework/customers/new',
+                    headers: {
+                        'X-Pimcore-Csrf-Token': $newCustomerButton.data('token')
+                    },
                     success: function (data) {
                         var objectId = data.id;
                         if ('undefined' !== typeof window.top.pimcore) {

diff --git a/src/Controller/Admin/CustomersController.php b/src/Controller/Admin/CustomersController.php
@@ -305,7 +305,7 @@ public function downloadFinishedExportAction(Request $request): JsonResponse | R
     /**
      * Create new customer action
      *
-     * @Route("/new")
+     * @Route("/new", methods={"POST"})
      *
      * @throws ValidationException
      */

diff --git a/src/Resources/public/admin/js/cmf.js b/src/Resources/public/admin/js/cmf.js
@@ -803,7 +803,11 @@ app.SearchFilter.DateRangePicker = (function () {
                     return false;
                 }
                 $.ajax({
+                    method : 'POST',
                     url: '/admin/customermanagementframework/customers/new',
+                    headers: {
+                        'X-Pimcore-Csrf-Token': $newCustomerButton.data('token')
+                    },
                     success: function (data) {
                         var objectId = data.id;
                         if ('undefined' !== typeof window.top.pimcore) {