Commit 2a187452 authored by Brian Rosner's avatar Brian Rosner
Browse files

[1.3.X] Added a note about the AJAX CSRF example not working on jQuery 1.5 

Backport of [16543] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
parent a925b378

docs/ref/contrib/csrf.txt

+5 −0
Original line number Diff line number Diff line
@@ -133,6 +133,11 @@ that allow headers to be set on every request. In jQuery, you can use the 
        }

    });



.. note::



    Due to a bug introduced in jQuery 1.5, the example above will not work

    correctly on that version. Make sure you are running at least jQuery 1.5.1.



Adding this to a javascript file that is included on your site will ensure that

AJAX POST requests that are made via jQuery will not be caught by the CSRF

protection.