From b12997c7e352724a497a0a3f90487ea5db4495db Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Thu, 6 Jun 2024 10:50:18 -0400
Subject: [PATCH] added csrf token header to ajax calls

---
 src/registrar/assets/js/get-gov.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 55ece718d..49742b21b 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -1274,6 +1274,7 @@ document.addEventListener('DOMContentLoaded', function() {
         method: 'POST',
         headers: {
           'Content-Type': 'application/x-www-form-urlencoded',
+          'X-CSRFToken': csrfToken,
         },
         body: formData
       })