search

lotusbase / lotus.au.dk

Lotus Base website
https://lotus.au.dk
MIT License
2 stars 1 forks source link

Use Mailchimp API for front page signup form to avoid CSRF attacks #25

Closed terrymun closed 6 years ago

terrymun commented 7 years ago

Right now we are using an embedded form from MailChimp. Migrate away from this, and create a private API endpoint to process subscriptions.

terrymun commented 6 years ago

MailChimp probably has its own algorithm to detect CSRF attacks, so this change is not needed.