summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorAdam Johnson <me@adamj.eu>2020-06-24 11:41:10 +0200
committerCarlton Gibson <carlton@noumenal.es>2020-06-24 12:20:57 +0200
commit2afa61e7d99b2ff2656dc64b6e28db88baf786a4 (patch)
tree4aa52915ada6d6637fcaa0ec4333e688dc8dadc9 /docs/ref
parent30e59705fc3e3e9e8370b965af794ad6173bf92b (diff)
Refs #31493 -- Replaced var with const/let in documentation JS.
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/csrf.txt16
-rw-r--r--docs/ref/templates/builtins.txt2
2 files changed, 9 insertions, 9 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index f181cc1fe1..95e2e83d5c 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -85,11 +85,11 @@ You can acquire the token like this:
.. code-block:: javascript
function getCookie(name) {
- var cookieValue = null;
+ let cookieValue = null;
if (document.cookie && document.cookie !== '') {
- var cookies = document.cookie.split(';');
- for (var i = 0; i < cookies.length; i++) {
- var cookie = cookies[i].trim();
+ const cookies = document.cookie.split(';');
+ for (let i = 0; i < cookies.length; i++) {
+ const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
@@ -99,14 +99,14 @@ You can acquire the token like this:
}
return cookieValue;
}
- var csrftoken = getCookie('csrftoken');
+ const csrftoken = getCookie('csrftoken');
The above code could be simplified by using the `JavaScript Cookie library
<https://github.com/js-cookie/js-cookie/>`_ to replace ``getCookie``:
.. code-block:: javascript
- var csrftoken = Cookies.get('csrftoken');
+ const csrftoken = Cookies.get('csrftoken');
.. note::
@@ -137,7 +137,7 @@ and read the token from the DOM with JavaScript:
{% csrf_token %}
<script>
- var csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value;
+ const csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value;
</script>
Setting the token on the AJAX request
@@ -148,7 +148,7 @@ Finally, you'll need to set the header on your AJAX request. Using the
.. code-block:: javascript
- var request = new Request(
+ const request = new Request(
/* URL */,
{headers: {'X-CSRFToken': csrftoken}}
);
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index a8e8ad98f8..54258155bd 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -1830,7 +1830,7 @@ The resulting data can be accessed in JavaScript like this:
.. code-block:: javascript
- var value = JSON.parse(document.getElementById('hello-data').textContent);
+ const value = JSON.parse(document.getElementById('hello-data').textContent);
XSS attacks are mitigated by escaping the characters "<", ">" and "&". For
example if ``value`` is ``{'hello': 'world</script>&amp;'}``, the output is: