When we make a request to the phoenix server, we have to include a csrf_token to avoid cross site forgery. Normally this is fine, as the csrf token is included in all Phoenix forms as a hidden input, but when we are making AJAX requests with javascript, we need to manually include this token.
We can do this by getting the child of the form with the correct name ("_csrf_token") and sending the value of that form in a request header with the name "x-csrf-token".
When we make a request to the phoenix server, we have to include a csrf_token to avoid cross site forgery. Normally this is fine, as the csrf token is included in all Phoenix forms as a hidden input, but when we are making AJAX requests with javascript, we need to manually include this token.
We can do this by getting the child of the form with the correct name ("_csrf_token") and sending the value of that form in a request header with the name "x-csrf-token".