#18826: A bit changed JavaScript for CSRF with async JS
-------------------------------------+-------------------------------------
Reporter: panco | Owner: nobody
Type: | Status: closed
Cleanup/optimization | Version: 1.4
Component: Documentation | Resolution:
Severity: Normal | worksforme
Keywords: ajax, csrf | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by aaugustin):
* stage: Unreviewed => Accepted
Comment:
The changes described in the report (`===` and proper variable
declaration) usually don't make the code less readable and they're widely
accepted good practices.
But there are other changes in the snippet I'm less comfortable with:
- using `ajaxSend` instead of `ajaxSetup` — no idea, I'm not a frontend
dev;
- re-compiling `getCookie`, `sameOrigin` and `safeMethod' every time —
looks wasteful.
If there was a proper patch against the documentation, I would be willing
to reconsider this ticket.
--
Ticket URL: <https://code.djangoproject.com/ticket/18826#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
