Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#26181 closed Bug (fixed)

AngularJS CSRF example is incorrect

Reported by: Javier Liendo Owned by: Mahendra Yadav
Component: Documentation Version: 1.9
Severity: Normal Keywords: CSRF, angular
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

On

https://docs.djangoproject.com/en/1.9/ref/csrf/#ajax, it says:

If you’re using AngularJS 1.1.3 and newer, it’s sufficient to configure the $http provider with the cookie and header names:

$http.defaults.xsrfCookieName = 'csrftoken';
$http.defaults.xsrfHeaderName = 'X-CSRFToken';

I think that it should read,

$httpProvider.defaults.xsrfCookieName = 'csrftoken';
$httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken';

On angular HTTP default headers are defined on the $httpProvider object.

Change History (5)

comment:1 Changed 4 years ago by Mahendra Yadav

Owner: changed from nobody to Mahendra Yadav
Status: newassigned

comment:2 Changed 4 years ago by Tim Graham

Triage Stage: UnreviewedAccepted

comment:3 Changed 4 years ago by Tim Graham

Has patch: set
Summary: Documentation: AJAX, CSRF and AngularAngularJS CSRF example is incorrect
Triage Stage: AcceptedReady for checkin

comment:4 Changed 4 years ago by Tim Graham <timograham@…>

Resolution: fixed
Status: assignedclosed

In 7a7b82e6:

Fixed #26181 -- Corrected AngularJS CSRF example.

comment:5 Changed 4 years ago by Tim Graham <timograham@…>

In f3194d95:

[1.9.x] Fixed #26181 -- Corrected AngularJS CSRF example.

Backport of 7a7b82e6f4c34fbfd7a11123986ed74f9f752a48 from master

Note: See TracTickets for help on using tickets.
Back to Top