If your backend service uses different names for
the XSRF token cookie or header, use HttpClientXsrfModule.withOptions()
to override the defaults.
imports: [
HttpClientModule,
HttpClientXsrfModule.withOptions({
cookieName: 'My-Xsrf-Cookie',
headerName: 'My-Xsrf-Header',
}),
],
withOptions()
- Configure XSRF protection.
An object that can specify either or both cookie
name or header name.
1. Cookie
name default is XSRF-TOKEN.
2. Header
name default is X-XSRF-TOKEN.
static withOptions(options: { cookieName?: string; headerName?: string; } = {}): ModuleWithProviders<HttpClientXsrfModule>
HttpClientXsrfModule
- Configures XSRF protection support for outgoing requests.
class HttpClientXsrfModule {
static disable(): ModuleWithProviders<HttpClientXsrfModule>
static withOptions(options: { cookieName?: string; headerName?: string; } = {}): ModuleWithProviders<HttpClientXsrfModule>
}
For a server that supports a cookie-based XSRF protection system, use directly to configure XSRF protection with the correct
cookie and header names.
If no names are supplied, the default cookie name
is XSRF-TOKEN and the default header
name is X-XSRF-TOKEN.
disable()
- The disable method is used to Disable the default XSRF protection.