e407d0195c
This adds a middleware which, when activated, will deny any form submission which does not include a valid `authenticity_token` parameter or `http-x-csrf-token` header with the request. The header and parameter names are identical to the ones supported by Ruby's rack-protection gem for interoperability purposes. |
||
|---|---|---|
| .. | ||
| csrf_spec.cr | ||
| filters_spec.cr | ||
| http_basic_auth_spec.cr | ||