Enable csrf/xsrf protection for cross domain requests in Angular
$http docs : Angular provides a mechanism to counter XSRF. When performing XHR requests, but will not be set for cross-domain requests.
You only need this library: * For cross domain requests and enable angular csrf/xsrf protection.
Install the library through bower.
bower install angular-csrf-cross-domain
Also available with the name
Add it to your app dependency
That's it - you are done!
The provider is fully customizable. Below are the methods given by provider.
Default csrf component names:
- HTTP default header name:
- HTTP default cookie name:
- HTTP default allowed methods:
'GET', 'POST', 'PUT', 'PATCH', 'DELETE'
Django example: (each framework has its own default csrf component naming convention)
- Fork it
- Create your feature branch (
git checkout -b my-new-feature)
- Commit your changes (
git commit -am 'Add some feature')
- Push to the branch (
git push origin my-new-feature)
- Create new Pull Request