4👍
✅
Your second way ($httpProvider.defaults) is probably the best way to do it. See the angular docs on http here. The xsrfCookieName and xsrfHeaderName options are relatively new in Angular. (I think they came in in 1.3, if memory serves…) So the other code you found probably just predated the newer, better way to do it. No need for a rendering or escape call in the template = cleaner code.
Source:stackexchange.com