HttpClientXsrfModule

class

npm Package @angular/common
Module import { HttpClientXsrfModule } from '@angular/common/http';
Source common/http/src/module.ts

Overview

class HttpClientXsrfModule {
  static disable(): ModuleWithProviders
  static withOptions(options: {...}): ModuleWithProviders
}

Description

NgModule which adds XSRF protection support to outgoing requests.

Provided the server supports a cookie-based XSRF protection system, this module can be used directly to configure XSRF protection with the correct cookie and header names.

If no such names are provided, the default is to use X-XSRF-TOKEN for the header name and XSRF-TOKEN for the cookie name.

Static Members

static disable(): ModuleWithProviders

Disable the default XSRF protection.

static withOptions(options: { cookieName?: string; headerName?: string; } = {}): ModuleWithProviders

Configure XSRF protection to use the given cookie name or header name, or the default names (as described above) if not provided.

Annotations

@NgModule({ providers: [ HttpXsrfInterceptor, { provide: HTTP_INTERCEPTORS, useExisting: HttpXsrfInterceptor, multi: true }, { provide: HttpXsrfTokenExtractor, useClass: HttpXsrfCookieExtractor }, { provide: XSRF_COOKIE_NAME, useValue: 'XSRF-TOKEN' }, { provide: XSRF_HEADER_NAME, useValue: 'X-XSRF-TOKEN' }, ] })

© 2010–2018 Google, Inc.
Licensed under the Creative Commons Attribution License 4.0.
https://v5.angular.io/api/common/http/HttpClientXsrfModule