aboutsummaryrefslogtreecommitdiffstats
path: root/guides
diff options
context:
space:
mode:
Diffstat (limited to 'guides')
-rw-r--r--guides/source/security.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md
index 32890e0606..66c740f1e3 100644
--- a/guides/source/security.md
+++ b/guides/source/security.md
@@ -247,7 +247,7 @@ protect_from_forgery with: :exception
This will automatically include a security token in all forms and Ajax requests generated by Rails. If the security token doesn't match what was expected, an exception will be thrown.
-NOTE: By default, Rails includes jQuery and a [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs),
+NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs),
which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token.
Without this header, your non-GET requests won't be accepted by Rails. If you want to use another library
to make Ajax calls, you will have to find how add the security token as a default header for Ajax calls in
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-30 20:06:57 +0000