summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorLuke Plant <L.Plant.98@cantab.net>2011-05-09 23:47:50 +0000
committerLuke Plant <L.Plant.98@cantab.net>2011-05-09 23:47:50 +0000
commitfda65ffea57bf6f15a94f37c4ab74352f679e282 (patch)
tree746e030e180016dc77edacda6b758026c5f1c363 /docs/ref
parentaf1943f1394d2f59ab433cb1170a7d22d7743665 (diff)
[1.3.X] Updated AJAX example code in CSRF docs to be consistent regarding what are safe HTTP methods
Backport of [16202] from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/contrib/csrf.txt2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 7e9700dc3f..f3b95a11d3 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -125,7 +125,7 @@ that allow headers to be set on every request. In jQuery, you can use the
!(/^(\/\/|http:|https:).*/.test(url));
}
function safeMethod(method) {
- return (method === 'GET' || method === 'HEAD');
+ return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
if (!safeMethod(settings.type) && sameOrigin(settings.url)) {