CSRF + AJAX
|Reported by:||xlax||Owned by:||nobody|
|Cc:||jeroen.pulles@…, carl@…, stefan.cornelius@…, lidaobing@…, johannes.beigel@…, neithere@…||Triage Stage:||Design decision needed|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||yes||Patch needs improvement:||no|
I've got a patch ready for anyone who needs it (if it's accepted) to use CSRF with AJAX.
It's simply adding a line to the main CSRF function, stating that if AJAX is being used, there's no need for a check.
I know of no issues regarding this. I can submit the file immediatelly. (It's been tested here)