From 68f2211f00dfa3f823ad780ed748c1af0078a0cf Mon Sep 17 00:00:00 2001
From: Hinaloe <hina@hinaloe.net>
Date: Tue, 26 Mar 2019 19:13:20 +0900
Subject: [PATCH] Do not set CSRF Token when no csrf header (#10383)

---
 app/javascript/mastodon/api.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/javascript/mastodon/api.js b/app/javascript/mastodon/api.js
index 4be3eadb0..98d59de43 100644
--- a/app/javascript/mastodon/api.js
+++ b/app/javascript/mastodon/api.js
@@ -13,10 +13,14 @@ export const getLinks = response => {
 };
 
 let csrfHeader = {};
+
 function setCSRFHeader() {
-  const csrfToken = document.querySelector('meta[name=csrf-token]').content;
-  csrfHeader['X-CSRF-Token'] = csrfToken;
+  const csrfToken = document.querySelector('meta[name=csrf-token]');
+  if (csrfToken) {
+    csrfHeader['X-CSRF-Token'] = csrfToken.content;
+  }
 }
+
 ready(setCSRFHeader);
 
 export default getState => axios.create({