Replace README.md

2020-11-10 02:41:04 +00:00 · 2020-11-10 02:41:04 +00:00 · 00000be5fb
commit 00000be5fb
parent d1de4f537b
1 changed files with 22 additions and 22 deletions
--- a/README.md
+++ b/README.md
@ -10,20 +10,20 @@ Usage
 To enable CSRF protection globally for a Quart app, you have to create an CSRFProtect and
 initialise it with the application,
 ```python
-    from quart_csrf import CSRFProtect
+from quart_csrf import CSRFProtect

-    app = Quart(__name__)
-    CSRFProtect(app)
+app = Quart(__name__)
+CSRFProtect(app)
 ```

 or via the factory pattern,
 ```python
-    csrf = CSRFProtect()
+csrf = CSRFProtect()

-    def create_app():
-        app = Quart(__name__)
-        csrf.init_app(app)
-        return app
+def create_app():
+    app = Quart(__name__)
+    csrf.init_app(app)
+    return app
 ```

 Note: CSRF protection requires a secret key to securely sign the token. By default this will
@ -31,26 +31,26 @@ use the QUART app's SECRET_KEY. If you'd like to use a separate token you can se

 HTML Forms: render a hidden input with the token in the form.
 ```html
-    <form method="post">
-        <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
-    </form>
+<form method="post">
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+</form>
 ```

 JavaScript Requests: When sending an AJAX request, add the X-CSRFToken header to it. For example, in jQuery you can configure all requests to send the token.
-```javascript
-    <meta name="csrf-token" content="{{ csrf_token() }}">
+```html
+<meta name="csrf-token" content="{{ csrf_token() }}">

-    <script>
-        var csrf_token = $('meta[name=csrf-token]').attr('content');  // "{{ csrf_token() }}";
+<script>
+    var csrf_token = $('meta[name=csrf-token]').attr('content');  // "{{ csrf_token() }}";

-        $.ajaxSetup({
-            beforeSend: function(xhr, settings) {
-                if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
-                    xhr.setRequestHeader("X-CSRFToken", csrf_token);
-                }
+    $.ajaxSetup({
+        beforeSend: function(xhr, settings) {
+            if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
+                xhr.setRequestHeader("X-CSRFToken", csrf_token);
            }
-        });
-    </script>
+        }
+    });
+</script>
 ```

 Contributing