Merge branch 'zhoufang/dev/392' into 'dev'

#392 Updated logic on adding CSRF for API calls

See merge request !458

src/main/www/src/Utils/formFunctionHelpers.js

@@ -737,13 +737,8 @@ export const focusOnInvalidField = () => {
 };
 
 export const fetchWrapper = (url, method, callbackFunc, dataBody, errCallbackFunc) => {
-  const shouldExcludeCSRF =
-    url.includes('https://newsroom.eclipse.org/api/resources') ||
-    url.includes('https://api.eclipse.org/public/member/') ||
-    url.includes('https://projects.eclipse.org/api/projects') ||
-    url.includes('https://api.eclipse.org/cbi/sponsorships');
-
-  let requestHeader = shouldExcludeCSRF ? FETCH_HEADER_WITHOUT_CSRF : FETCH_HEADER;
+  const shouldIncludeCSRF = url[0] === '/';
+  let requestHeader = shouldIncludeCSRF ? FETCH_HEADER : FETCH_HEADER_WITHOUT_CSRF;
 
   if (url.includes('/logos') && method === 'POST') {
     requestHeader = { 'x-csrf-token': FETCH_HEADER['x-csrf-token'] };
@@ -757,7 +752,7 @@ export const fetchWrapper = (url, method, callbackFunc, dataBody, errCallbackFun
     .then((res) => {
       if (res.ok) {
         // DELETE and 204 won't return response data, so don't do json()
-        return method === 'DELETE' || method === 'POST' || res.status === 204  ? res : res.json();
+        return method === 'DELETE' || method === 'POST' || res.status === 204 ? res : res.json();
       }
       throw res.status;
     })
@@ -773,8 +768,7 @@ export const fetchWrapper = (url, method, callbackFunc, dataBody, errCallbackFun
 
 export const fetchWrapperPagination = async (url, i, callbackFunc) => {
   let data = [];
-
-  const shouldIncludeCSRF = url.includes('/contacts');
+  const shouldIncludeCSRF = url[0] === '/';
   const requestHeader = shouldIncludeCSRF ? FETCH_HEADER : FETCH_HEADER_WITHOUT_CSRF;
 
   const getData = async () => {