Docs4dev
Docs
angular / 6 / api / common / http / httpclientxsrfmodule.html

HttpClientXsrfModule

ngmodule

Configures XSRF protection support for outgoing requests.

See more...

class HttpClientXsrfModule {
  static disable(): ModuleWithProviders
  static withOptions(options: {...}): ModuleWithProviders
}

Description

For a server that supports a cookie-based XSRF protection system, use directly to configure XSRF protection with the correct cookie and header names.

If no names are supplied, the default cookie name is XSRF-TOKEN and the default header name is X-XSRF-TOKEN.

Static methods

disable()

Disable the default XSRF protection.

static disable(): ModuleWithProviders

Parameters

There are no parameters.

Returns

ModuleWithProviders
withOptions()

Configure XSRF protection.

static withOptions(options: { cookieName?: string; headerName?: string; } = {}): ModuleWithProviders

Parameters

options

An object that can specify either or both cookie name or header name.

  • Cookie name default is XSRF-TOKEN.
  • Header name default is X-XSRF-TOKEN.

Optional. Default is {}.

Returns

ModuleWithProviders

Providers

Provider 
HttpXsrfInterceptor
 
{ provide: HTTP_INTERCEPTORS, useExisting: HttpXsrfInterceptor, multi: true }
 
{ provide: HttpXsrfTokenExtractor, useClass: HttpXsrfCookieExtractor }
 
{ provide: XSRF_COOKIE_NAME, useValue: 'XSRF-TOKEN' }
 
{ provide: XSRF_HEADER_NAME, useValue: 'X-XSRF-TOKEN' }

© 2010–2019 Google, Inc.
Licensed under the Creative Commons Attribution License 4.0.
https://v6.angular.io/api/common/http/HttpClientXsrfModule