diff options
| author | Adam Johnson <me@adamj.eu> | 2020-06-24 11:41:10 +0200 |
|---|---|---|
| committer | Carlton Gibson <carlton@noumenal.es> | 2020-06-24 12:20:57 +0200 |
| commit | 2afa61e7d99b2ff2656dc64b6e28db88baf786a4 (patch) | |
| tree | 4aa52915ada6d6637fcaa0ec4333e688dc8dadc9 /docs/ref | |
| parent | 30e59705fc3e3e9e8370b965af794ad6173bf92b (diff) | |
Refs #31493 -- Replaced var with const/let in documentation JS.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/csrf.txt | 16 | ||||
| -rw-r--r-- | docs/ref/templates/builtins.txt | 2 |
2 files changed, 9 insertions, 9 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt index f181cc1fe1..95e2e83d5c 100644 --- a/docs/ref/csrf.txt +++ b/docs/ref/csrf.txt @@ -85,11 +85,11 @@ You can acquire the token like this: .. code-block:: javascript function getCookie(name) { - var cookieValue = null; + let cookieValue = null; if (document.cookie && document.cookie !== '') { - var cookies = document.cookie.split(';'); - for (var i = 0; i < cookies.length; i++) { - var cookie = cookies[i].trim(); + const cookies = document.cookie.split(';'); + for (let i = 0; i < cookies.length; i++) { + const cookie = cookies[i].trim(); // Does this cookie string begin with the name we want? if (cookie.substring(0, name.length + 1) === (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); @@ -99,14 +99,14 @@ You can acquire the token like this: } return cookieValue; } - var csrftoken = getCookie('csrftoken'); + const csrftoken = getCookie('csrftoken'); The above code could be simplified by using the `JavaScript Cookie library <https://github.com/js-cookie/js-cookie/>`_ to replace ``getCookie``: .. code-block:: javascript - var csrftoken = Cookies.get('csrftoken'); + const csrftoken = Cookies.get('csrftoken'); .. note:: @@ -137,7 +137,7 @@ and read the token from the DOM with JavaScript: {% csrf_token %} <script> - var csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value; + const csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value; </script> Setting the token on the AJAX request @@ -148,7 +148,7 @@ Finally, you'll need to set the header on your AJAX request. Using the .. code-block:: javascript - var request = new Request( + const request = new Request( /* URL */, {headers: {'X-CSRFToken': csrftoken}} ); diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index a8e8ad98f8..54258155bd 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -1830,7 +1830,7 @@ The resulting data can be accessed in JavaScript like this: .. code-block:: javascript - var value = JSON.parse(document.getElementById('hello-data').textContent); + const value = JSON.parse(document.getElementById('hello-data').textContent); XSS attacks are mitigated by escaping the characters "<", ">" and "&". For example if ``value`` is ``{'hello': 'world</script>&'}``, the output is: |
