From dd5a9fad4fcdcc1064e7d339a34688d3556fd9a9 Mon Sep 17 00:00:00 2001
From: Gauthier <mail@gauthierth.fr>
Date: Thu, 7 Nov 2024 13:22:25 +0100
Subject: [PATCH] fix: remove useless Fetch override

Remove the fetch override that was handling CSRF tokens as Axios handle this natively.
---
 src/pages/_app.tsx         |  1 -
 src/utils/fetchOverride.ts | 46 --------------------------------------
 2 files changed, 47 deletions(-)
 delete mode 100644 src/utils/fetchOverride.ts

diff --git a/src/pages/_app.tsx b/src/pages/_app.tsx
index 208a0585..51dc3a0e 100644
--- a/src/pages/_app.tsx
+++ b/src/pages/_app.tsx
@@ -12,7 +12,6 @@ import { SettingsProvider } from '@app/context/SettingsContext';
 import { UserContext } from '@app/context/UserContext';
 import type { User } from '@app/hooks/useUser';
 import '@app/styles/globals.css';
-import '@app/utils/fetchOverride';
 import { polyfillIntl } from '@app/utils/polyfillIntl';
 import { MediaServerType } from '@server/constants/server';
 import type { PublicSettingsResponse } from '@server/interfaces/api/settingsInterfaces';
diff --git a/src/utils/fetchOverride.ts b/src/utils/fetchOverride.ts
deleted file mode 100644
index e0a90012..00000000
--- a/src/utils/fetchOverride.ts
+++ /dev/null
@@ -1,46 +0,0 @@
-const getCsrfToken = (): string | null => {
-  if (typeof window !== 'undefined') {
-    const match = document.cookie.match(/XSRF-TOKEN=([^;]+)/);
-    return match ? decodeURIComponent(match[1]) : null;
-  }
-  return null;
-};
-
-const isSameOrigin = (url: RequestInfo | URL): boolean => {
-  const parsedUrl = new URL(
-    url instanceof Request ? url.url : url.toString(),
-    window.location.origin
-  );
-  return parsedUrl.origin === window.location.origin;
-};
-
-// We are using a custom fetch implementation to add the X-XSRF-TOKEN heade
-// to all requests. This is required when CSRF protection is enabled.
-if (typeof window !== 'undefined') {
-  const originalFetch: typeof fetch = window.fetch;
-
-  (window as typeof globalThis).fetch = async (
-    input: RequestInfo | URL,
-    init?: RequestInit
-  ): Promise<Response> => {
-    if (!isSameOrigin(input)) {
-      return originalFetch(input, init);
-    }
-
-    const csrfToken = getCsrfToken();
-
-    const headers = {
-      ...(init?.headers || {}),
-      ...(csrfToken ? { 'XSRF-TOKEN': csrfToken } : {}),
-    };
-
-    const newInit: RequestInit = {
-      ...init,
-      headers,
-    };
-
-    return originalFetch(input, newInit);
-  };
-}
-
-export {};