summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorBrian Rosner <brosner@gmail.com>2011-07-14 18:36:05 +0000
committerBrian Rosner <brosner@gmail.com>2011-07-14 18:36:05 +0000
commit99cd76e2734694d22861b7c224fd1e2dcb643fa0 (patch)
tree0a5f137df5e8ba7fe7eee676499f51fa4af42e84 /docs/ref
parent3b774583711e39dae7a5cfde314288f8019f59c6 (diff)
Added a note about the AJAX CSRF example not working on jQuery 1.5
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16543 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/contrib/csrf.txt5
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 93a7bb7c65..50e15d7f94 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -128,6 +128,11 @@ that allow headers to be set on every request. In jQuery, you can use the
}
});
+.. note::
+
+ Due to a bug introduced in jQuery 1.5, the example above will not work
+ correctly on that version. Make sure you are running at least jQuery 1.5.1.
+
Adding this to a javascript file that is included on your site will ensure that
AJAX POST requests that are made via jQuery will not be caught by the CSRF
protection.