feat: implement CSRF protection across forms and routes

2026-05-09 22:09:19 +02:00
parent e8874f9220
commit d89d373a91
14 changed files with 147 additions and 8 deletions
--- a/crates/adapters/template-askama/templates/new_review.html
+++ b/crates/adapters/template-askama/templates/new_review.html
@@ -35,6 +35,7 @@
    Comment<br>
    <textarea name="comment"></textarea>
  </label>
+  <input type="hidden" name="_csrf" value="{{ ctx.csrf_token }}">
  <button type="submit">Log Review</button>
 </form>
 {% endblock %}