#26181 closed Bug (fixed)
AngularJS CSRF example is incorrect
Reported by: | Javier Liendo | Owned by: | Mahendra Yadav |
---|---|---|---|
Component: | Documentation | Version: | 1.9 |
Severity: | Normal | Keywords: | CSRF, angular |
Cc: | Triage Stage: | Ready for checkin | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | yes | UI/UX: | no |
Description
On
https://docs.djangoproject.com/en/1.9/ref/csrf/#ajax, it says:
If you’re using AngularJS 1.1.3 and newer, it’s sufficient to configure the $http provider with the cookie and header names:
$http.defaults.xsrfCookieName = 'csrftoken'; $http.defaults.xsrfHeaderName = 'X-CSRFToken';
I think that it should read,
$httpProvider.defaults.xsrfCookieName = 'csrftoken'; $httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken';
On angular HTTP default headers are defined on the $httpProvider object.
Change History (5)
comment:1 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 9 years ago
Triage Stage: | Unreviewed → Accepted |
---|
comment:3 by , 9 years ago
Has patch: | set |
---|---|
Summary: | Documentation: AJAX, CSRF and Angular → AngularJS CSRF example is incorrect |
Triage Stage: | Accepted → Ready for checkin |
Note:
See TracTickets
for help on using tickets.
PR