On Friday, 12 December 2014 22:58:24 UTC+11, Cesare wrote:
> Hi All,
> I'm not sure this is the right place to ask... anyway: I have a Luminus
> project with cljs template (Clojurescript + Reagent).
>
> After upgrading lib-noir (now at 0.9.5), it seems that the anti-forgery check
> is now enabled by default.
>
> How can I manage it from ClojureScript, in particular in ajax calls?
>
> At the moment I get the error "Invalid anti-forgery token" for POST calls.
>
> Thanks a lot
> Bye
I've just managed to work out how to do this. Actually, there are a number of
ways to do it, but I think, given you are using luminus, this is the easiest.
The basic idea is to add a javascript variable to the page which holds the
anti-forgery token. Luminus makes this quite easy as it already adds the
csrf-token variable as a standard part of the selmer template. If you add
<script type=javascript>
var csrf = "{{csrf-token}}";
</script>
to the page template, then your clojurescript can get the value in js/csrf and
either use that to setup the hidden variable in your javascript generated forms
or if you are doing something like cljs-ajax, add it to the headers when
makeing the request to the server.
--
Note that posts from new members are moderated - please be patient with your
first post.
---
You received this message because you are subscribed to the Google Groups
"ClojureScript" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/clojurescript.
