mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-07-14 08:36:07 +00:00
refactor(frontend): replace axios with the native Fetch API
Drop the axios (and qs) dependencies in favor of a native fetch wrapper.
axios only ever handled same-origin JSON/form calls, a CSRF header, a 401
redirect, and a 403-retry, all of which the platform now provides directly.
- New src/api/http-init.ts (replaces axios-init.ts) reimplements the
request/response interceptors on fetch: base-path prefixing,
X-Requested-With, same-origin credentials, the CSRF token on unsafe
methods, a single 403 retry with token refresh, and the 401
redirect-and-latch. A small encodeForm() reproduces qs's
arrayFormat:'repeat' encoding, so the request wire format is unchanged.
- HttpUtil (src/utils/index.ts) keeps its public signatures and the Msg
envelope, so the ~49 API call sites are untouched. HttpOptions is now
hand-rolled instead of extending AxiosRequestConfig.
- PanelUpdateModal drops its lone direct axios.get in favor of HttpUtil.get
with { silent, timeout }.
- Add tests for the fetch core (CSRF header, form/JSON/FormData bodies,
base-path prefix, 403 retry, 401 redirect, tolerant body parse) and for
HttpUtil's envelope unwrap / toast / error mapping; this logic was
previously untested.
- Remove the vendor-axios manualChunks branch and the qs type shim, and
reword stale "axios" mentions in docs and route comments.
This commit is contained in:
@@ -48,7 +48,7 @@ func (a *XUIController) initRouter(g *gin.RouterGroup) {
|
||||
|
||||
// SPA pages built by Vite don't have a server-rendered <meta name="csrf-token">,
|
||||
// so they fetch the session token via this endpoint at startup and replay it
|
||||
// on subsequent unsafe requests through axios.
|
||||
// on subsequent unsafe requests.
|
||||
g.GET("/csrf-token", a.csrfToken)
|
||||
}
|
||||
|
||||
|
||||
@@ -60,7 +60,7 @@ func (a *XraySettingController) initRouter(g *gin.RouterGroup) {
|
||||
g.POST("/outbound-subs/:id/move", a.moveOutboundSub)
|
||||
g.POST("/outbound-subs/:id", a.updateOutboundSub)
|
||||
g.DELETE("/outbound-subs/:id", a.deleteOutboundSub)
|
||||
g.POST("/outbound-subs/:id/del", a.deleteOutboundSub) // axios-friendly alias
|
||||
g.POST("/outbound-subs/:id/del", a.deleteOutboundSub) // POST alias for clients that can't send DELETE
|
||||
g.POST("/outbound-subs/parse", a.parseOutboundSubURL) // preview without saving
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user