diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 9441393c81..a3cf2ca963 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -117,7 +117,7 @@ that allow headers to be set on every request. In jQuery, you can use the
                 !(/^(\/\/|http:|https:).*/.test(url));
         }
         function safeMethod(method) {
-            return (method === 'GET' || method === 'HEAD');
+            return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
         }
 
         if (!safeMethod(settings.type) && sameOrigin(settings.url)) {