Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[1.3.X] Updated AJAX example code in CSRF docs to be consistent regar…

…ding what are safe HTTP methods

Backport of [16202] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit fda65ffea57bf6f15a94f37c4ab74352f679e282 1 parent af1943f
Luke Plant authored May 09, 2011

Showing 1 changed file with 1 addition and 1 deletion. Show diff stats Hide diff stats

  1. 2  docs/ref/contrib/csrf.txt
2  docs/ref/contrib/csrf.txt
@@ -125,7 +125,7 @@ that allow headers to be set on every request. In jQuery, you can use the
125 125
                 !(/^(\/\/|http:|https:).*/.test(url));
126 126
         }
127 127
         function safeMethod(method) {
128  
-            return (method === 'GET' || method === 'HEAD');
  128
+            return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
129 129
         }
130 130
 
131 131
         if (!safeMethod(settings.type) && sameOrigin(settings.url)) {

0 notes on commit fda65ff

Please sign in to comment.
Something went wrong with that request. Please try again.