p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[1.3.X] Updated AJAX example code in CSRF docs to be consistent regarding what are safe HTTP methods 

Backport of [16202] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Luke Plant 2011-05-09 23:47:50 +00:00
parent af1943f139
commit fda65ffea5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/ref/contrib/csrf.txt
View File

@ -125,7 +125,7 @@ that allow headers to be set on every request. In jQuery, you can use the
!(/^(\/\/|http:|https:).*/.test(url));
}
function safeMethod(method) {
return (method === 'GET' || method === 'HEAD');
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
if (!safeMethod(settings.type) && sameOrigin(settings.url)) {