Merge pull request #993 from kevin-brown/issue_984_docs

Made the CSRF documentation more clear
2025-01-24 08:14:16 +03:00 · 2013-07-20 01:24:38 -07:00 · 2013-07-20 01:24:38 -07:00 · 596d76ffd4
commit 596d76ffd4
parent 84b5f478f3 8f2e71a67f
1 changed files with 1 additions and 1 deletions
--- a/docs/topics/ajax-csrf-cors.md
+++ b/docs/topics/ajax-csrf-cors.md
@ -23,7 +23,7 @@ To guard against these type of attacks, you need to do two things:

 If you're using `SessionAuthentication` you'll need to include valid CSRF tokens for any `POST`, `PUT`, `PATCH` or `DELETE` operations.

-The Django documentation describes how to [include CSRF tokens in AJAX requests][csrf-ajax].
+In order to make AJAX requests, you need to include CSRF token in the HTTP header, as [described in the Django documentation][csrf-ajax].

 ## CORS