Added a bit more info on what csrf does

Thanks @rschamp for the suggestion!
2025-02-17 00:21:20 -05:00 · 2016-01-19 16:04:08 -05:00 · 2016-01-19 16:04:08 -05:00 · 5858bb94bb
commit 5858bb94bb
parent 112cad14e3
1 changed files with 2 additions and 1 deletions
--- a/src/mixins/api.jsx
+++ b/src/mixins/api.jsx
@ -9,7 +9,8 @@ var CookieMixinFactory = require('./cookieMixinFactory.jsx');
 /**
 * Component mixin that constructs requests to the scratch api.
 * Custom arguments:
- *     - useCsrf [boolean] – handles csrf construction for POST requests
+ *     - useCsrf [boolean] – handles unique csrf token retrieval for POST requests. This prevents
+ *       CSRF forgeries (see: https://www.squarefree.com/securitytips/web-developers.html#CSRF)
 *
 * It also takes in other arguments specified in the xhr library spec.
 */