Open RyanChill94 opened 6 years ago
in the Chinese version “understanding-csrf”
original article: As noted above, if you don't support CORS and your APIs are strictly JSON, there is absolutely no point in adding CSRF tokens to your AJAX calls.
Inaccurate: 正如上面提到的,如果你不支持CORS并且你的API是传输的严格的JSON, 绝没可能在你的AJAX 调用中加入CSRF token。
better: 正如上面提到的,如果你不支持CORS并且你的API是传输的严格的JSON, 在你的AJAX 调用中加入CSRF token 是毫无意义的。
in the Chinese version “understanding-csrf”
original article: As noted above, if you don't support CORS and your APIs are strictly JSON, there is absolutely no point in adding CSRF tokens to your AJAX calls.
Inaccurate: 正如上面提到的,如果你不支持CORS并且你的API是传输的严格的JSON, 绝没可能在你的AJAX 调用中加入CSRF token。
better: 正如上面提到的,如果你不支持CORS并且你的API是传输的严格的JSON, 在你的AJAX 调用中加入CSRF token 是毫无意义的。