angular-csrf-cross-domain

Build Status Bower version Hex.pm Code Climate Test Coverage

angular-csrf-cross-domain

Enable csrf/xsrf protection for cross domain requests in Angular

$http docs : Angular provides a mechanism to counter XSRF. When performing XHR requests, but will not be set for cross-domain requests.

You only need this library: * For cross domain requests and enable angular csrf/xsrf protection.

Getting Started

Install the library through bower. js bower install angular-csrf-cross-domain

Also available with the name angular-xsrf-cross-domain

Add it to your app dependency js angular.module('myModule',['csrf-cross-domain'])

That's it - you are done!

Customization

The provider is fully customizable. Below are the methods given by provider.

Default csrf component names: - HTTP default header name: X-XSRF-TOKEN - HTTP default cookie name: XSRF-TOKEN - HTTP default allowed methods: 'GET', 'POST', 'PUT', 'PATCH', 'DELETE'

Django example: (each framework has its own default csrf component naming convention)

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Locations

comments powered by Disqus
This page was last updated over 2 years ago.