Expand description
CSRF protection via Content-Type enforcement.
Rejects POST requests that do not carry Content-Type: application/json.
This prevents cross-site request forgery via text/plain or
application/x-www-form-urlencoded form submissions.
Functionsยง
- require_
json_ content_ type - Middleware that rejects POST requests without a JSON Content-Type.