I have the following code in a global.js library:
This set the csrf token for any REST call that modifies data (POST, PUT, DELETE).
The problem is that the Upload widget does not use it, and the server requests are being rejected due to missing authorization (403 Response). This forces me to init. my Upload widget with the following callback:
Please advise why this is necessary and why this is required. Does the Upload not use jQuery to execute the Ajax calls?