mirror of
https://gitea.invidious.io/iv-org/shard-kemal.git
synced 2024-08-15 00:53:36 +00:00
e407d0195c
This adds a middleware which, when activated, will deny any form submission which does not include a valid `authenticity_token` parameter or `http-x-csrf-token` header with the request. The header and parameter names are identical to the ones supported by Ruby's rack-protection gem for interoperability purposes. |
||
---|---|---|
.. | ||
csrf_spec.cr | ||
filters_spec.cr | ||
http_basic_auth_spec.cr |