aboutsummaryrefslogtreecommitdiffstats
path: root/guides/source/working_with_javascript_in_rails.md
diff options
context:
space:
mode:
Diffstat (limited to 'guides/source/working_with_javascript_in_rails.md')
-rw-r--r--guides/source/working_with_javascript_in_rails.md6
1 files changed, 3 insertions, 3 deletions
diff --git a/guides/source/working_with_javascript_in_rails.md b/guides/source/working_with_javascript_in_rails.md
index b740e933ba..28af1cd88d 100644
--- a/guides/source/working_with_javascript_in_rails.md
+++ b/guides/source/working_with_javascript_in_rails.md
@@ -536,9 +536,9 @@ the token:
var token = document.getElementsByName('csrf-token')[0].content
```
-You can then submit this token as a X-CSRF-Token in your header for your
-Ajax requst. You do not need to add a CSRF for GET requests, only non-GET
-requests.
+You can then submit this token as a `X-CSRF-Token` header for your
+Ajax request. You do not need to add a CSRF token for GET requests,
+only non-GET ones.
You can read more about about Cross-Site Request Forgery in [Security](https://guides.rubyonrails.org/security.html#cross-site-request-forgery-csrf)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 22:05:42 +0000