Fix CSRF for HTMX POST requests

author: Caine <caine@jihakuz.xyz> 2026-04-02 23:10:52 +0100
committer: Caine <caine@jihakuz.xyz> 2026-04-02 23:10:52 +0100
commit: dfa573a4ea90b300b6261d6d055ea90f0fe904fa (patch)
tree: 9a7142d7b98b9f588bb7c487a91bef70975241ef /kitchen
parent: c4ca4348edc5c4fd6cc36e9833fbb9c697f3bf9d (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/kitchen/templates/kitchen/base.html b/kitchen/templates/kitchen/base.html
index 0bdc5f3..6bd33bf 100644
--- a/kitchen/templates/kitchen/base.html
+++ b/kitchen/templates/kitchen/base.html
@@ -6,6 +6,14 @@
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
   <title>{% block title %}Kitchen{% endblock %}</title>
   <script src="{% static 'kitchen/htmx.min.js' %}"></script>
+  {% csrf_token %}
+  <script>
+    // Add CSRF token to all HTMX requests
+    document.addEventListener('htmx:configRequest', function(evt) {
+      const token = document.querySelector('[name=csrfmiddlewaretoken]');
+      if (token) evt.detail.headers['X-CSRFToken'] = token.value;
+    });
+  </script>
   <style>
     :root {
       --bg-dark: #15131c;
author	Caine <caine@jihakuz.xyz>	2026-04-02 23:10:52 +0100
committer	Caine <caine@jihakuz.xyz>	2026-04-02 23:10:52 +0100
commit	dfa573a4ea90b300b6261d6d055ea90f0fe904fa (patch)
tree	9a7142d7b98b9f588bb7c487a91bef70975241ef /kitchen
parent	c4ca4348edc5c4fd6cc36e9833fbb9c697f3bf9d (diff)