I'm trying to login via POST to a website that uses django CSRF.
WinJS.xhr({
type: "post",
url: "myurl",
headers: { "Content-type": "application/x-www-form-urlencoded", "Referer": "referalURL"},
data: params
}).then(success, failure)
Is that all that's required to set the referer header in the XHR post? Because I'm getting an error that it's not set. I know that cookies are taken out of response headers so I was curious if there were other undocumented header changes.
