Y
Hacker News
new
|
ask
|
show
|
jobs
by
schleppy_oc
4787 days ago
Why not just use a simple csrf stored in a session? You already have an "authenticiy_token" in the request data, why not use it, or add another value for csrf?