angular-csrf-cross-domain
Enable csrf/xsrf protection for cross domain requests in Angular
$http docs : Angular provides a mechanism to counter XSRF. When performing XHR requests, but will not be set for cross-domain requests.
You only need this library:
- For cross domain requests and enable angular csrf/xsrf protection.
Getting Started
Install the library through bower.
bower install angular-csrf-cross-domain
Also available with the name
angular-xsrf-cross-domain
Add it to your app dependency
angular
That's it - you are done!
Customization
The provider is fully customizable. Below are the methods given by provider.
Default csrf component names:
- HTTP default header name:
X-XSRF-TOKEN
- HTTP default cookie name:
XSRF-TOKEN
- HTTP default allowed methods:
'GET', 'POST', 'PUT', 'PATCH', 'DELETE'
Django example: (each framework has its own default csrf component naming convention)
angular;
Contributing
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request