Luke Plant avatar Luke Plant committed e52c239

[1.1.X] Removed example CSRF jQuery code from release notes, replacing with link to improved code in the CSRF docs

Backport of [15628] from trunk.

Comments (0)

Files changed (2)


     (previous versions of Django did not provide these two components
     of ``CsrfMiddleware`` as described above)
+.. _csrf-ajax:


 of use with popular JavaScript toolkits which allow insertion of
 custom headers into all AJAX requests.
-The following example using the jQuery JavaScript toolkit demonstrates
-this; the call to jQuery's ajaxSetup will cause all AJAX requests to
-send back the CSRF token in the custom X-CSRFTOKEN header::
-    $.ajaxSetup({
-        beforeSend: function(xhr, settings) {
-            if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
-                // Only send the token to relative URLs i.e. locally.
-                xhr.setRequestHeader("X-CSRFToken",
-                                     $("#csrfmiddlewaretoken").val());
-            }
-        }
-    });
+Please see the :ref:`CSRF docs for example jQuery code <csrf-ajax>`
+that demonstrates this technique, ensuring that you are looking at the
+documentation for your version of Django, as the exact code necessary
+is different for some older versions of Django.
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.