Any chance you could comment on how an app using client-side views with Rails (react/vue/angular)…
Brad Murray
11

Brad,

One approach is to grab the CSRF token from the HTML, and send it along with your AJAX requests using the X-CSRF-Token header (this is the recommended way of handling it, and how rails-ujsdoes it). Another popular approach for securing requests from front-end frameworks is with JSON web tokens.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.