summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/csrf.txt11
1 files changed, 6 insertions, 5 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index 6e340bcdeb..56fcd77563 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -150,12 +150,13 @@ Finally, you'll need to set the header on your AJAX request. Using the
const request = new Request(
/* URL */,
- {headers: {'X-CSRFToken': csrftoken}}
+ {
+ method: 'POST',
+ headers: {'X-CSRFToken': csrftoken},
+ mode: 'same-origin' // Do not send CSRF token to another domain.
+ }
);
- fetch(request, {
- method: 'POST',
- mode: 'same-origin' // Do not send CSRF token to another domain.
- }).then(function(response) {
+ fetch(request).then(function(response) {
// ...
});