Opened 5 years ago
Closed 5 years ago
#30641 closed Cleanup/optimization (wontfix)
Update docs for using CSRF with Ajax.
Reported by: | JeroenvO | Owned by: | nobody |
---|---|---|---|
Component: | Documentation | Version: | dev |
Severity: | Normal | Keywords: | csrf token jquery context templatetag ajax |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
Docs state: (https://docs.djangoproject.com/en/2.2/ref/csrf/)
In order to get CSRF token in Javascript, for instance for an AJAX request.
{% csrf_token %} <script type="text/javascript"> var csrftoken = jQuery("[name=csrfmiddlewaretoken]").val(); </script>
but since {{ csrf_token }} is available in the context, a much cleaner version would be:
<script type="text/javascript"> // using jQuery var csrftoken = '{{ csrf_token }}'; </script>
Change History (1)
comment:1 by , 5 years ago
Component: | CSRF → Documentation |
---|---|
Resolution: | → wontfix |
Status: | new → closed |
Summary: | Update docs for using CSRF with Ajax → Update docs for using CSRF with Ajax. |
Version: | 2.2 → master |
Note:
See TracTickets
for help on using tickets.
Thanks for the report, but I believe that the current recommendation is better because it works if:
is a part of external JavaScript file (see extensive discussion in PR).