p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Made CSRF JavaScript example more reusable.

This commit is contained in:
sdwoodbury 2021-09-13 00:36:27 -04:00 committed by GitHub
parent ecf87ad513
commit 691b8dd8ed
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/ref/csrf.txt
View File

@ -150,12 +150,13 @@ Finally, you'll need to set the header on your AJAX request. Using the
const request = new Request(
/* URL */,
{headers: {'X-CSRFToken': csrftoken}}
{
method: 'POST',
headers: {'X-CSRFToken': csrftoken},
mode: 'same-origin' // Do not send CSRF token to another domain.
}
);
fetch(request, {
method: 'POST',
mode: 'same-origin' // Do not send CSRF token to another domain.
}).then(function(response) {
fetch(request).then(function(response) {
// ...
});