Open cheljoh opened 7 years ago
I attempted making some AJAX requests using jQuery to endpoints other than my own API, and I got this error:
Request header field X-CSRF-Token is not allowed by Access-Control-Allow-Headers in preflight response.
I noticed the code in ember-rails-addon-csrf.js adds the CSRF headers to all AJAX requests that use jQuery.
ember-rails-addon-csrf.js
It would be nice if there was a way to make the CSRF headers optional so I can make AJAX requests to Google, etc. Thanks!
I attempted making some AJAX requests using jQuery to endpoints other than my own API, and I got this error:
Request header field X-CSRF-Token is not allowed by Access-Control-Allow-Headers in preflight response.
I noticed the code in
ember-rails-addon-csrf.js
adds the CSRF headers to all AJAX requests that use jQuery.It would be nice if there was a way to make the CSRF headers optional so I can make AJAX requests to Google, etc. Thanks!