This is an automated email from the ASF dual-hosted git repository. dill0wn pushed a commit to branch dw/fetch-is_ajax in repository https://gitbox.apache.org/repos/asf/allura.git
commit be92066bc254c3cf936c1fcadf8a5a8269a6ebd3 Author: Dillon Walls <[email protected]> AuthorDate: Thu Dec 19 18:55:12 2024 +0000 also detect 'fetch()' requests as ajax --- Allura/allura/lib/utils.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Allura/allura/lib/utils.py b/Allura/allura/lib/utils.py index 41140cfe9..cbf6cc675 100644 --- a/Allura/allura/lib/utils.py +++ b/Allura/allura/lib/utils.py @@ -709,6 +709,12 @@ def unique_attachments(attachments): def is_ajax(request): if request.headers.get('X-Requested-With', None) == 'XMLHttpRequest': return True + # fetch - see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode + if ( + request.headers.get('Sec-Fetch-Mode', None) in ('cors', 'no-cors', 'same-origin') + and request.headers.get('Sec-Fetch-Dest', None) == 'empty' + ): + return True return False
