CSRFtoken implementation in the HTTP header #11
Description
Hi,
I am submitting a proposal for an enhancement whereby Evolutility UI is able to add custom HTTP header to the HTTP requests. The header will be used to for Cross-Site Request Forgery prevention.
(more on the topic here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet).
[ ] The implementation of the enhancement requires a new method in the controller app javascript to set a custom header + value in the HTTP request (processed by XHR/jQuery).
Thanks,
Piotr