From 74e89b0ee3849c0ab52f1fa13c053b3cc0b67899 Mon Sep 17 00:00:00 2001
From: Florian Bachmann <834350+baflo@users.noreply.github.com>
Date: Sat, 23 Dec 2023 16:56:56 +0100
Subject: [PATCH] Fix: ensure CSRF-Token on Index view (#5082)

---
 src/paperless/urls.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/paperless/urls.py b/src/paperless/urls.py
index 67fddbee0..72deaeaf3 100644
--- a/src/paperless/urls.py
+++ b/src/paperless/urls.py
@@ -6,6 +6,7 @@ from django.urls import path
 from django.urls import re_path
 from django.utils.translation import gettext_lazy as _
 from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.generic import RedirectView
 from rest_framework.authtoken import views
 from rest_framework.routers import DefaultRouter
@@ -178,7 +179,11 @@ urlpatterns = [
     # login, logout
     path("accounts/", include("django.contrib.auth.urls")),
     # Root of the Frontend
-    re_path(r".*", login_required(IndexView.as_view()), name="base"),
+    re_path(
+        r".*",
+        login_required(ensure_csrf_cookie(IndexView.as_view())),
+        name="base",
+    ),
 ]