ollie.earth / eater
mail based rss feed aggregator
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

frontend: proper CSRF protection #13

open opened by ollie.earth

Currently the CSRF protection is pointless.
Tokens should be generated per session.
And once lustre actually supports it ?csrf-token=" <> csrf_token in webserver.serve_html should be replaced with the token in a meta tag.
As shown in the example

sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:cezmtk5bb4zipkps3abnjjl6/sh.tangled.repo.issue/3mjpohdxfw622