Skip to content

Instantly share code, notes, and snippets.

$.ajaxSetup
xhrFields:
withCredentials: true
$(document).ajaxSend (event, jqxhr, settings)->
jqxhr.setRequestHeader 'X-CSRF-Token', Embed.get 'csrf-token'
jqxhr.withCredentials = true # so the browser appends session headers in CORS requests
$(document).ajaxComplete (event, jqxhr, settings)->
if jqxhr.getResponseHeader('X-CSRF-Token')?