datastar/csrf.md at e40db72ed5fd8e7ac40d97c1bee68df919a5b7f9 - datastar - Trustie: Git with trustie

541 B

Raw Blame History

CSRF

Explanation

Sometimes a backend framework need to set a header. Normally you should be using cookies to be more secure, but it depends on your backend.

<button data-on-click="@post('/examples/csrf/data', {
headers: {
    'x-csrf-token':'/Svi7DzhybrN+mDfI0zpReDj31ZZpp7GFp5KC6yMvGKer5OmslH1fpYDtAfsTwmfH+yLy7ghTAVHiRcjDz8XAQ=='
}})">Send update</button>
<div>
    <label>Response</label>
    <div id="responses"></div>
</div>

Demo

Update Me