Address CSRF concern #10

Open

opened

on Jan 14, 2022

Reliance on session ID cookie makes us vulnerable to CSRF attacks. Consider configuring the container to assign samesite :strict for the session cookie or implement CSRF token.

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests