Currently using the mollie plugin with csrf.mode: ajax breaks the async actions from the account.
An unsubscribe or change of the sipping address is then no longer possible.
The fix for this problem is the mode ajax for CSRF tokens. In this mode Shopware is fetching a token using a XML HTTP request before sending a POST request. Enabling this behavior in our plugins is quite easy. If you're dealing with a form element, simply add the JS plugin data-form-csrf-handler="true" to it and you're good to go.
If you're fetching data using a POST request in your JavaScript, please use the method fetchCsrfToken from the HTTP client to fetch a token before sending the actual request:
Currently using the mollie plugin with
csrf.mode: ajax
breaks the async actions from the account.An unsubscribe or change of the sipping address is then no longer possible.
The fix for this problem is the mode
ajax
for CSRF tokens. In this mode Shopware is fetching a token using a XML HTTP request before sending a POST request. Enabling this behavior in our plugins is quite easy. If you're dealing with aform
element, simply add the JS plugindata-form-csrf-handler="true"
to it and you're good to go.If you're fetching data using a POST request in your JavaScript, please use the method
fetchCsrfToken
from the HTTP client to fetch a token before sending the actual request: