Commits

Luke Plant committed b5f8166

[1.2.X] Updated AJAX example code in CSRF docs to be consistent regarding what are safe HTTP methods

Backport of [16202] from trunk.

  • Participants
  • Parent commits 0fd1828
  • Branches releases/1.2.X

Comments (0)

Files changed (1)

docs/ref/contrib/csrf.txt

                 !(/^(\/\/|http:|https:).*/.test(url));
         }
         function safeMethod(method) {
-            return (method === 'GET' || method === 'HEAD');
+            return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
         }
 
         if (!safeMethod(settings.type) && sameOrigin(settings.url)) {