diff options
| author | TGJ Gilmore <TracyGJG@users.noreply.github.com> | 2025-02-12 08:41:55 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-12 09:41:55 +0100 |
| commit | 0f9c4202ba5c0dd7bd6e6fb430b176b0c9bdba18 (patch) | |
| tree | ababe11836178ec5fd089423e8a7302bce733626 | |
| parent | 72b425f5fb322f61009f8f5c0f761426d0887dc2 (diff) | |
| download | htmx-0f9c4202ba5c0dd7bd6e6fb430b176b0c9bdba18.tar.gz htmx-0f9c4202ba5c0dd7bd6e6fb430b176b0c9bdba18.zip | |
Documentation typo correction (#3182)
* Documentation update to include the use of hx-headers to prevent CSRF
* Update hx-headers.md
Revised follow review.
* Update docs.md
Typo correction
| -rw-r--r-- | www/content/docs.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/www/content/docs.md b/www/content/docs.md index d67170ca..e94eb0b5 100644 --- a/www/content/docs.md +++ b/www/content/docs.md @@ -1662,7 +1662,7 @@ for exploring this topic. ### CSRF Prevention -The assignment and checking of CSRF tokens are typically backend responsibilities, but `htmx` can support returning the CSRF token automatically with every request using the `hx-headers` attribute. The attribute needs to be added to the element issuing the request or one of its ancestor elements. This makes the `html` and `body` elements effective global vehicles for adding the CSRF token to the `HTTP` request header, as illustarted below. +The assignment and checking of CSRF tokens are typically backend responsibilities, but `htmx` can support returning the CSRF token automatically with every request using the `hx-headers` attribute. The attribute needs to be added to the element issuing the request or one of its ancestor elements. This makes the `html` and `body` elements effective global vehicles for adding the CSRF token to the `HTTP` request header, as illustrated below. ```html <html lang="en" hx-headers='{"X-CSRF-TOKEN": "CSRF_TOKEN_INSERTED_HERE"}'> |