Issue #1 new

Skip CSRF if AJAX request

Dan Jacob
created an issue

For the sake of convenience, it should be possible to skip CSRF checking in AJAX requests - you can't make cross-domain AJAX requests (request.is_xhr) in any case.

If you still want to ensure CSRF AJAX checking, could this be a configurable option ?

Comments (1)

  1. Log in to comment