Hotwire Discussion

Extend prepared headers for form submission


With the form submission and turbo frame, I can see that Turbo automatically adds a header named X-CSRF-Token. In my backend of choice, the CSRF token header is expected to be X-Flow-Csrftoken.

Is it somehow/how is it possible to hook in, and “extend” these prepared headers, and add/replace the CSRF token header, that is needed in this scenario?

Relevant code from the repository, preparing the header: turbo/form_submission.ts at b419c0de0b82025b1c7ba644efcb12c57c23d05d · hotwired/turbo · GitHub

Would this work:

document.addEventListener("turbo:before-fetch-request", ({ detail: { fetchOptions }) => 
  fetchOptions.headers["X-Flow-Csrftoken"] = "???"
1 Like

Yes, lovely! :slight_smile: Thank you @tleish :santa: