CSRF Token

csrf_token() returns the current CSRF token string for the active request when used within a template(). Calling it outside of a template() context will result in an error.

In most cases, CSRF tokens are inserted automatically for standard form helpers. Intended for custom forms / custom token placement (meta tags, JS fetch, etc).

Usage

csrf_token()

See also

api_csrf

Examples

page <- template({
    html(
        head(
            meta(name = "csrf-token", content = csrf_token())
        ),
        body(
            div("App content")
        )
    )
})
page()
#> <html>
#>   <body>
#>     <div>App content</div>
#>   </body>
#> </html>