Hacker News new | ask | show | jobs
by ptman 2311 days ago
you might not need more advanced csrf protection than a cookie samesite policy.
1 comments
zadokshi 2306 days ago
Then throw a hidden input field with a CSRF token in your form and your done.

Not sure what the big deal is here.

link