sassman
commented
10 years ago here is my proposal how it could look like: https://gist.github.com/sassman/9299147
Closed sassman closed 9 years ago
sassman
commented
10 years ago here is my proposal how it could look like: https://gist.github.com/sassman/9299147
pydanny
commented
9 years ago :ship:
The csrf.js misses somehow the cookie extraction for the X-Header of csrf token. There is this variable that is set for the X-Header "csrftoken" that is not defined. From the django documentation this should be extracted from the cookies. The whole cookie code part is missing in this csrf.js file. This leads could lead into some confusion IMO.
My Proposal is to add the cookie extraction code to this csrf.js file and utilize it in the beginning before the X-Header is set like
[1] https://docs.djangoproject.com/en/1.6/ref/contrib/csrf/