angular-csrf-cross-domain

0.0.3 • Public • Published

Build Status npm version npm version Hex.pm Code Climate Test Coverage

angular-csrf-cross-domain

Enable csrf/xsrf protection for cross domain requests in Angular

$http docs : Angular provides a mechanism to counter XSRF. When performing XHR requests, but will not be set for cross-domain requests.

You only need this library:

  • For cross domain requests and enable angular csrf/xsrf protection.

Getting Started

Install the library through bower.

bower install angular-csrf-cross-domain

Also available with the name angular-xsrf-cross-domain

Add it to your app dependency

angular.module('myModule',['csrf-cross-domain'])

That's it - you are done!

Customization

The provider is fully customizable. Below are the methods given by provider.

Default csrf component names:

  • HTTP default header name: X-XSRF-TOKEN
  • HTTP default cookie name: XSRF-TOKEN
  • HTTP default allowed methods: 'GET', 'POST', 'PUT', 'PATCH', 'DELETE'

Django example: (each framework has its own default csrf component naming convention)

angular.config(function(csrfCDProvider) {
 
        // Django default name
        csrfCDProvider.setHeaderName('X-CSRFToken');
        csrfCDProvider.setCookieName('CSRFToken');
 
        // You can even configure HTTP methods to set csrf
        csrfCDProvider.setAllowedMethods(['GET', 'POST', 'HEAD']);
 
    });

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Locations

Bitdeli Badge

/angular-csrf-cross-domain/

    Package Sidebar

    Install

    npm i angular-csrf-cross-domain

    Weekly Downloads

    7

    Version

    0.0.3

    License

    Apache-2.0

    Last publish

    Collaborators

    • pasupulaphani