fix(http): better handle unexpected undefined XSRF tokens (#47683)

`HttpXsrfTokenExtractor` allows returning `string|null` for an XSRF token,
and the interceptor checked if the returned token is `null`. However, some
implementations return `undefined` instead (behind an `any`) type, which
caused the interceptor to crash when trying to set an `undefined` value for
the header.

This commit makes the XSRF interceptor a little more resilient against such
broken implementations of the `HttpXsrfTokenExtractor` interface.

PR Close #47683
This commit is contained in:
Alex Rickabaugh 2022-10-06 15:35:45 -07:00 committed by Jessica Janiuk
parent 84478f5a1c
commit ea16a98dfe

View file

@ -90,7 +90,7 @@ export function xsrfInterceptorFn(
const headerName = inject(XSRF_HEADER_NAME);
// Be careful not to overwrite an existing header of the same name.
if (token !== null && !req.headers.has(headerName)) {
if (token != null && !req.headers.has(headerName)) {
req = req.clone({headers: req.headers.set(headerName, token)});
}
return next(req);