Merge pull request #423 from m0sth8/fix-xcsrf-token

Set headers in js and go files to X-Csrf-Token
2024-11-16 10:28:24 -07:00 · 2014-09-02 12:30:44 -04:00 · 2014-09-02 12:30:44 -04:00 · f19fc230d4
commit f19fc230d4
parent 9ddd545473 9476e58de9
1 changed files with 1 additions and 0 deletions
--- a/cmd/web.go
+++ b/cmd/web.go
@ -95,6 +95,7 @@ func newMacaron() *macaron.Macaron {
 	m.Use(csrf.Generate(csrf.Options{
 		Secret:    setting.SecretKey,
 		SetCookie: true,
+		Header:    "X-Csrf-Token",
 	}))
 	m.Use(toolbox.Toolboxer(m, toolbox.Options{
 		HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{