Luke Plant  committed e52c239

[1.1.X] Removed example CSRF jQuery code from release notes, replacing with link to improved code in the CSRF docs

Backport of [15628] from trunk.

  • Participants
  • Parent commits 34c9060
  • Branches releases/1.1.X

Comments (0)

Files changed (2)

File docs/ref/contrib/csrf.txt

     (previous versions of Django did not provide these two components
     of ``CsrfMiddleware`` as described above)
+.. _csrf-ajax:

File docs/releases/1.1.4.txt

 of use with popular JavaScript toolkits which allow insertion of
 custom headers into all AJAX requests.
-The following example using the jQuery JavaScript toolkit demonstrates
-this; the call to jQuery's ajaxSetup will cause all AJAX requests to
-send back the CSRF token in the custom X-CSRFTOKEN header::
-    $.ajaxSetup({
-        beforeSend: function(xhr, settings) {
-            if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
-                // Only send the token to relative URLs i.e. locally.
-                xhr.setRequestHeader("X-CSRFToken",
-                                     $("#csrfmiddlewaretoken").val());
-            }
-        }
-    });
+Please see the :ref:`CSRF docs for example jQuery code <csrf-ajax>`
+that demonstrates this technique, ensuring that you are looking at the
+documentation for your version of Django, as the exact code necessary
+is different for some older versions of Django.