Closed grantwest closed 11 months ago
Would you be open to a PR that makes the csrf unprotected methods configurable?
The use case would be a rest api protected by including the x-csrf-token header. In this case we might as well protect the get method on our api pipeline.
Yes!
Closing this. If still interested, a PR is welcome!
Would you be open to a PR that makes the csrf unprotected methods configurable?
The use case would be a rest api protected by including the x-csrf-token header. In this case we might as well protect the get method on our api pipeline.