summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorsdwoodbury <stuartwx@yahoo.com>2021-09-13 00:36:27 -0400
committerGitHub <noreply@github.com>2021-09-13 06:36:27 +0200
commit691b8dd8edfbcdcff66b9bf7bdaa5e875af28006 (patch)
tree94bd0dc284ebcaddd0dcc00b1beb26841eeabd9f /docs/ref
parentecf87ad513fd8af6e4a6093ed918723a7d88d5ca (diff)
Made CSRF JavaScript example more reusable.
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/csrf.txt11
1 files changed, 6 insertions, 5 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index 6e340bcdeb..56fcd77563 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -150,12 +150,13 @@ Finally, you'll need to set the header on your AJAX request. Using the
const request = new Request(
/* URL */,
- {headers: {'X-CSRFToken': csrftoken}}
+ {
+ method: 'POST',
+ headers: {'X-CSRFToken': csrftoken},
+ mode: 'same-origin' // Do not send CSRF token to another domain.
+ }
);
- fetch(request, {
- method: 'POST',
- mode: 'same-origin' // Do not send CSRF token to another domain.
- }).then(function(response) {
+ fetch(request).then(function(response) {
// ...
});