LocomotiveCMS - Documentation

Description

The csrf_meta tag gives the information the javascript code has to include for each AJAX POST request in order to prevent Cross-Site Request Forgery (CSRF) attacks.

By default, that protection is disabled in order to keep backwards compatibility with the existing public forms.

If you want to enable it, open your config/initializers/locomotive.rb file and toggle the csrf property on.

config.csrf_protection = true

Syntax

{% csrf_meta %}

Example

<html>
  <head>
  {% csrf_meta %}
  </head>
  ...
</html>

Contribute → Fork this page on GitHub

csrf_meta

Description

Syntax

Example

Objects

Logic

Filters

Tags