Fetch, set-cookies and csrf

Question

I m using Isomorphic fetch in my application and I m having some troubles dealing with CSRF.

Actually, I m having a backend that sends me a CSRF-TOKEN in set-cookies

Answer 1

Yes header name depends on your server. For example django usecase to setup CSRF token using fetch is like this:

  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json; charset=UTF-8',
    'X-CSRFToken': get_token
  },