Please add support for submitting CSRF tokens in headers like Flask-WTF. See here: https://github.com/lepture/flask-wtf/blob/master/flask_wtf/csrf.py

That will be great, unfortunately my hands are tied now, will do if I have enough time.

PRs with 100% documentation and test coverage are welcome.