'X-Requested-With' : 'XMLHttpRequest' //Proposed to add-in to Allow Write data connection via pi web api to PI Server when the configuration item in PI System Explorer "EnableCSRFDefense": true.
When set to true, the Cross-Site Request Forgery (CSRF) defense is enabled in PI Web API, and PI Web API checks whether a custom HTTP request header X-Requested-With is present with a request, whose method is POST, PUT, PATCH or DELETE. This defense relies on the Same-Origin Policy restriction and CORS settings. Ensure that the value for the CorsHeaders setting is either the asterisk (*) character or contains X-Requested-With.
Added at line 95
'X-Requested-With' : 'XMLHttpRequest' //Proposed to add-in to Allow Write data connection via pi web api to PI Server when the configuration item in PI System Explorer "EnableCSRFDefense": true.
When set to true, the Cross-Site Request Forgery (CSRF) defense is enabled in PI Web API, and PI Web API checks whether a custom HTTP request header X-Requested-With is present with a request, whose method is POST, PUT, PATCH or DELETE. This defense relies on the Same-Origin Policy restriction and CORS settings. Ensure that the value for the CorsHeaders setting is either the asterisk (*) character or contains X-Requested-With.
cited from: OSISOFT Live Library EnableCSRFDefense