encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-01-24 08:14:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

Modified documentation for CSRF as mentioned in #984

Browse Source
This commit is contained in:
Kevin Brown 2013-07-19 19:49:20 -04:00
parent 84b5f478f3
commit 8f2e71a67f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/topics/ajax-csrf-cors.md
View File

@ -23,7 +23,7 @@ To guard against these type of attacks, you need to do two things:
If you're using `SessionAuthentication` you'll need to include valid CSRF tokens for any `POST`, `PUT`, `PATCH` or `DELETE` operations. If you're using `SessionAuthentication` you'll need to include valid CSRF tokens for any `POST`, `PUT`, `PATCH` or `DELETE` operations.
The Django documentation describes how to [include CSRF tokens in AJAX requests][csrf-ajax]. In order to make AJAX requests, you need to include CSRF token in the HTTP header, as [described in the Django documentation][csrf-ajax].
## CORS ## CORS