Pages

Angular Rails patch to $.ajax pass the CSRF protection

Thursday, October 24, 2013


Summary:
--------
If we using $.ajax to pass the value need to verify the CSRF production. It will work both rails 3 & rails 4.


Step 1:
-------

You need to add the below code to pass the CSRF production during $.ajax.

JS:
---

app.config(["$httpProvider", function(provider) {
  provider.defaults.headers.common['X-CSRF-Token'] = $('meta[name=csrf-token]').attr('content');
}]);

Coffee:
------

app.config ["$httpProvider", (provider) ->
  provider.defaults.headers.common["X-CSRF-Token"] = $("meta[name=csrf-token]").attr("content")
]


No comments:

Post a Comment