diff --git a/README.md b/README.md
index 9914e22..9055d21 100644
--- a/README.md
+++ b/README.md
@@ -10,20 +10,20 @@ Usage
To enable CSRF protection globally for a Quart app, you have to create an CSRFProtect and
initialise it with the application,
```python
- from quart_csrf import CSRFProtect
+from quart_csrf import CSRFProtect
- app = Quart(__name__)
- CSRFProtect(app)
+app = Quart(__name__)
+CSRFProtect(app)
```
or via the factory pattern,
```python
- csrf = CSRFProtect()
+csrf = CSRFProtect()
- def create_app():
- app = Quart(__name__)
- csrf.init_app(app)
- return app
+def create_app():
+ app = Quart(__name__)
+ csrf.init_app(app)
+ return app
```
Note: CSRF protection requires a secret key to securely sign the token. By default this will
@@ -31,26 +31,26 @@ use the QUART app's SECRET_KEY. If you'd like to use a separate token you can se
HTML Forms: render a hidden input with the token in the form.
```html
-
+
```
JavaScript Requests: When sending an AJAX request, add the X-CSRFToken header to it. For example, in jQuery you can configure all requests to send the token.
-```javascript
-
+```html
+
-
+ }
+ });
+
```
Contributing