summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/contrib/csrf.txt5
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 93a7bb7c65..50e15d7f94 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -128,6 +128,11 @@ that allow headers to be set on every request. In jQuery, you can use the
}
});
+.. note::
+
+ Due to a bug introduced in jQuery 1.5, the example above will not work
+ correctly on that version. Make sure you are running at least jQuery 1.5.1.
+
Adding this to a javascript file that is included on your site will ensure that
AJAX POST requests that are made via jQuery will not be caught by the CSRF
protection.