diff options
| author | sdwoodbury <stuartwx@yahoo.com> | 2021-09-13 00:36:27 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-09-13 06:36:27 +0200 |
| commit | 691b8dd8edfbcdcff66b9bf7bdaa5e875af28006 (patch) | |
| tree | 94bd0dc284ebcaddd0dcc00b1beb26841eeabd9f /docs | |
| parent | ecf87ad513fd8af6e4a6093ed918723a7d88d5ca (diff) | |
Made CSRF JavaScript example more reusable.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/csrf.txt | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt index 6e340bcdeb..56fcd77563 100644 --- a/docs/ref/csrf.txt +++ b/docs/ref/csrf.txt @@ -150,12 +150,13 @@ Finally, you'll need to set the header on your AJAX request. Using the const request = new Request( /* URL */, - {headers: {'X-CSRFToken': csrftoken}} + { + method: 'POST', + headers: {'X-CSRFToken': csrftoken}, + mode: 'same-origin' // Do not send CSRF token to another domain. + } ); - fetch(request, { - method: 'POST', - mode: 'same-origin' // Do not send CSRF token to another domain. - }).then(function(response) { + fetch(request).then(function(response) { // ... }); |
