## CRSF Handling

Handling CRSF in htmx is server-side platform dependent, but typically involves something like the following to 
add a token to a header or parameter:

### Vanilla JS

In pure javascript you can listen to the `htmx:configRequest` event and set the token there:

```js
   document.body.addEventListener('htmx:configRequest', function(evt) {
      evt.detail.headers['X-CSRFToken'] = getToken();
    });
```

### htmx JS api

Using the htmx javascript api, you can clean the above up a bit:

```js
   htmx.on('htmx:configRequest', function(evt) {
      evt.detail.headers['X-CSRFToken'] = getToken();
    });
```

### hyperscript

Finally, if you are using [hyperscript](https://hyperscript.org), you can add the following to the body tag:

```html
  <body _="on htmx:configRequest(headers) set headers['X-CSRFToken'] to getToken()">
     ...
  </body>
```

### Platforms

Below are examples of setting the CSRT for various server side platforms.

#### Django

#### ???