This is the archived documentation for Angular v5. Please visit angular.io to see documentation for the current version of Angular.

HttpClientXsrfModule

npm Package @angular/common
Module import { HttpClientXsrfModule } from '@angular/common/http';
Source common/http/src/module.ts

Overview

      
      class HttpClientXsrfModule {
  static disable(): ModuleWithProviders
  static withOptions(options: {...}): ModuleWithProviders
}
    

Description

NgModule which adds XSRF protection support to outgoing requests.

Provided the server supports a cookie-based XSRF protection system, this module can be used directly to configure XSRF protection with the correct cookie and header names.

If no such names are provided, the default is to use X-XSRF-TOKEN for the header name and XSRF-TOKEN for the cookie name.

Static Members

      
      static disable(): ModuleWithProviders
    

Disable the default XSRF protection.


      
      static withOptions(options: {
    cookieName?: string;
    headerName?: string;
} = {}): ModuleWithProviders
    

Configure XSRF protection to use the given cookie name or header name, or the default names (as described above) if not provided.

Annotations

      
      @NgModule({
    providers: [
        HttpXsrfInterceptor,
        { provide: HTTP_INTERCEPTORS, useExisting: HttpXsrfInterceptor, multi: true },
        { provide: HttpXsrfTokenExtractor, useClass: HttpXsrfCookieExtractor },
        { provide: XSRF_COOKIE_NAME, useValue: 'XSRF-TOKEN' },
        { provide: XSRF_HEADER_NAME, useValue: 'X-XSRF-TOKEN' },
    ]
})