Hacker News new | ask | show | jobs
by chias 3460 days ago
In this vein, one thing I'm not seeing (although I haven't finished reading the "book" yet) is built-in CSRF protection.

While not difficult to implement correctly yourself, I've found that applications written on frameworks that don't include this in the box tend to be applications vulnerable to CSRF.
1 comments
steveklabnik 3460 days ago
https://github.com/SergioBenitez/Rocket/issues/14
link
chias 3460 days ago
Excellent! I'm glad to see that this is on the roadmap :)
link