<script type="text/javascript" language="javascript">
var csrfParameter = $("meta[name='_csrf_parameter']").attr("content");
var csrfHeader = $("meta[name='_csrf_header']").attr("content");
var csrfToken = $("meta[name='_csrf']").attr("content");
// using JQuery to send a non-x-www-form-urlencoded request
var headers = {};
headers[csrfHeader] = csrfToken;
$.ajax({
url: "http://www.example.org/do/something",
type: "POST",
headers: headers,
...
});
<script>
$.ajax({
url:'/orders/3',
type:'DELETE',
dataType:'JSON',
contentType:'application/json;charset=UTF-8',
success:function(data, status) {
console.log(data);
},
error: function(data, status){
console.log(status);
},
beforeSend:function(xhr){
xhr.setRequestHeader($("meta[name='_csrf_header']").attr("content"), $("meta[name='_csrf']").attr("content"));
}
});