Open wasade opened 10 years ago
This issue is related to: https://github.com/biocore/qiita/issues/719
If we actually implement this we need to change all our post forms, which might be tricky as we will need to test that everything works as expected.
Also, I'm gonna close https://github.com/biocore/qiita/issues/719, because I think they are basically addressing the same issue but here we have links to the actual solution.
Any reason to not use xsrf_form_html? I believe we're not using Tornado's native XSRF protection at this time. Need to add
"xsrf_cookies": True,
into settings. More details here