paulsmith opened this issue 2 years ago · 0 comments
Add cross-site request forgery protection. I like the way Django does it. Since we compile the template the form is in, we could provide automatic rewriting of the HTML to inject the CSRF token.