5,337
edits
Line 88: | Line 88: | ||
* [https://github.com/angular/components Angular Components] | * [https://github.com/angular/components Angular Components] | ||
** [[Angular Material]] ([https://material.angular.io/ website]) | ** [[Angular Material]] ([https://material.angular.io/ website]) | ||
==Advanced Usage== | |||
===CSRF/XSRF=== | |||
See [https://angular.io/guide/http#security-xsrf-protection http#security-xsrf-protection] | |||
By default, the <code>HttpClientModule</code> will automatically reflect the <code>XSRF-TOKEN</code> cookie as <code>X-XSRF-TOKEN</code> if the following conditions are met: | |||
* <code>XSRF-TOKEN</code> is a cookie under <code>/</code> with <code>HttpOnly</code> set to false. | |||
* The outgoing request is not a <code>GET</code> or <code>HEAD</code> request. | |||
* The outgoing request path is a relative path of form <code>api/endpoint</code> or <code>//example.com/api/endpoint</code>. | |||
==Resources== | ==Resources== |