Do not add sensitive request headers for cross domain requests
Prevents leaking the CSRF token to another third-party domain by mistake.
Please register or sign in to comment
Prevents leaking the CSRF token to another third-party domain by mistake.