summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorAdam Johnson <me@adamj.eu>2020-06-24 11:41:10 +0200
committerCarlton Gibson <carlton.gibson@noumenal.es>2020-06-24 12:27:31 +0200
commitaf2e95b0fae0437c1cc6c08adfe4ce9c68991a50 (patch)
treee8a69419ddab30828b19ec0d57e812ca9fdad664 /docs/ref
parent453a5bf3024ed385f95f2f9a5378d8fc03baffc2 (diff)
[3.0.x] Refs #31493 -- Replaced var with const/let in documentation JS.
Backport of 2afa61e7d99b2ff2656dc64b6e28db88baf786a4 from master Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/csrf.txt14
-rw-r--r--docs/ref/templates/builtins.txt2
2 files changed, 8 insertions, 8 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index 20a8ddb433..0e4423248d 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -85,11 +85,11 @@ You can acquire the token like this:
.. code-block:: javascript
function getCookie(name) {
- var cookieValue = null;
+ let cookieValue = null;
if (document.cookie && document.cookie !== '') {
- var cookies = document.cookie.split(';');
- for (var i = 0; i < cookies.length; i++) {
- var cookie = cookies[i].trim();
+ const cookies = document.cookie.split(';');
+ for (let i = 0; i < cookies.length; i++) {
+ const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
@@ -99,14 +99,14 @@ You can acquire the token like this:
}
return cookieValue;
}
- var csrftoken = getCookie('csrftoken');
+ const csrftoken = getCookie('csrftoken');
The above code could be simplified by using the `JavaScript Cookie library
<https://github.com/js-cookie/js-cookie/>`_ to replace ``getCookie``:
.. code-block:: javascript
- var csrftoken = Cookies.get('csrftoken');
+ const csrftoken = Cookies.get('csrftoken');
.. note::
@@ -138,7 +138,7 @@ and read the token from the DOM with JavaScript:
{% csrf_token %}
<script type="text/javascript">
// using jQuery
- var csrftoken = jQuery("[name=csrfmiddlewaretoken]").val();
+ const csrftoken = jQuery("[name=csrfmiddlewaretoken]").val();
</script>
Setting the token on the AJAX request
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index 387ad09a83..ae62727266 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -1816,7 +1816,7 @@ The resulting data can be accessed in JavaScript like this:
.. code-block:: javascript
- var value = JSON.parse(document.getElementById('hello-data').textContent);
+ const value = JSON.parse(document.getElementById('hello-data').textContent);
XSS attacks are mitigated by escaping the characters "<", ">" and "&". For
example if ``value`` is ``{'hello': 'world</script>&amp;'}``, the output is: