Merge pull request #993 from kevin-brown/issue_984_docs

Made the CSRF documentation more clear
author: Tom Christie 2013-07-20 01:24:38 -0700
committer: Tom Christie 2013-07-20 01:24:38 -0700
commit: 596d76ffd4e1a86c6b3678669012442a6a3e4eb4 (patch)
tree: 493f5a325725b5f72d799c478459861d28d9b63b
parent: 84b5f478f32b332178190057e3e1196fa6360ff8 (diff)
parent: 8f2e71a67fad17a0e44df6747ca450a101979c24 (diff)
download: django-rest-framework-596d76ffd4e1a86c6b3678669012442a6a3e4eb4.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/topics/ajax-csrf-cors.md b/docs/topics/ajax-csrf-cors.md
index 4566f38b..0555b84d 100644
--- a/docs/topics/ajax-csrf-cors.md
+++ b/docs/topics/ajax-csrf-cors.md
@@ -23,7 +23,7 @@ To guard against these type of attacks, you need to do two things:
 
 If you're using `SessionAuthentication` you'll need to include valid CSRF tokens for any `POST`, `PUT`, `PATCH` or `DELETE` operations.
 
-The Django documentation describes how to [include CSRF tokens in AJAX requests][csrf-ajax].
+In order to make AJAX requests, you need to include CSRF token in the HTTP header, as [described in the Django documentation][csrf-ajax].
 
 ## CORS
author	Tom Christie	2013-07-20 01:24:38 -0700
committer	Tom Christie	2013-07-20 01:24:38 -0700
commit	596d76ffd4e1a86c6b3678669012442a6a3e4eb4 (patch)
tree	493f5a325725b5f72d799c478459861d28d9b63b
parent	84b5f478f32b332178190057e3e1196fa6360ff8 (diff)
parent	8f2e71a67fad17a0e44df6747ca450a101979c24 (diff)
download	django-rest-framework-596d76ffd4e1a86c6b3678669012442a6a3e4eb4.tar.bz2