summaryrefslogtreecommitdiffstatshomepage
path: root/www
diff options
context:
space:
mode:
Diffstat (limited to 'www')
-rw-r--r--www/content/docs.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/www/content/docs.md b/www/content/docs.md
index d67170ca..e94eb0b5 100644
--- a/www/content/docs.md
+++ b/www/content/docs.md
@@ -1662,7 +1662,7 @@ for exploring this topic.
### CSRF Prevention
-The assignment and checking of CSRF tokens are typically backend responsibilities, but `htmx` can support returning the CSRF token automatically with every request using the `hx-headers` attribute. The attribute needs to be added to the element issuing the request or one of its ancestor elements. This makes the `html` and `body` elements effective global vehicles for adding the CSRF token to the `HTTP` request header, as illustarted below.
+The assignment and checking of CSRF tokens are typically backend responsibilities, but `htmx` can support returning the CSRF token automatically with every request using the `hx-headers` attribute. The attribute needs to be added to the element issuing the request or one of its ancestor elements. This makes the `html` and `body` elements effective global vehicles for adding the CSRF token to the `HTTP` request header, as illustrated below.
```html
<html lang="en" hx-headers='{"X-CSRF-TOKEN": "CSRF_TOKEN_INSERTED_HERE"}'>
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-30 22:44:19 +0000