-
-
Notifications
You must be signed in to change notification settings - Fork 3
CSRF
Fatih Koca edited this page Nov 27, 2019
·
1 revision
This setting provides protection against CSRF attacks. Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. There is a detailed explanation to here.
Default value is true.
Vue.ajax.get("http://example.com", {}, {
csrf: true
});In the html head tag it must be csrf-token meta. Like this:
<meta name="csrf-token" content="[TOKEN]">