mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-04 19:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

[3.1.x] Refs #31493 -- Replaced var with const/let in documentation JS.

Browse source 
Backport of 2afa61e7d9 from master
This commit is contained in:
Adam Johnson 2020-06-24 11:41:10 +02:00 committed by Carlton Gibson
parent b8cb14e8a0
commit 6ed4a9bdb3
4 changed files with 34 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

16
docs/ref/csrf.txt
View file

@ -85,11 +85,11 @@ You can acquire the token like this:
.. code-block:: javascript
function getCookie(name) {
var cookieValue = null;
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = cookies[i].trim();
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
@ -99,14 +99,14 @@ You can acquire the token like this:
}
return cookieValue;
}
var csrftoken = getCookie('csrftoken');
const csrftoken = getCookie('csrftoken');
The above code could be simplified by using the `JavaScript Cookie library
<https://github.com/js-cookie/js-cookie/>`_ to replace ``getCookie``:
.. code-block:: javascript
var csrftoken = Cookies.get('csrftoken');
const csrftoken = Cookies.get('csrftoken');
.. note::
@ -137,7 +137,7 @@ and read the token from the DOM with JavaScript:
{% csrf_token %}
<script>
var csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value;
const csrftoken = document.querySelector('[name=csrfmiddlewaretoken]').value;
</script>
Setting the token on the AJAX request
@ -148,7 +148,7 @@ Finally, you'll need to set the header on your AJAX request. Using the
.. code-block:: javascript
var request = new Request(
const request = new Request(
/* URL */,
{headers: {'X-CSRFToken': csrftoken}}
);

2
docs/ref/templates/builtins.txt
View file

@ -1830,7 +1830,7 @@ The resulting data can be accessed in JavaScript like this:
.. code-block:: javascript
var value = JSON.parse(document.getElementById('hello-data').textContent);
const value = JSON.parse(document.getElementById('hello-data').textContent);
XSS attacks are mitigated by escaping the characters "<", ">" and "&". For
example if ``value`` is ``{'hello': 'world</script>&amp;'}``, the output is: