Skip to content

This upload endpoint performs a state-changing action using cookie auth but does not apply CSRF protection (most other /api/projects/* mutating routes call withCsrfProtection). Please add CSRF protection here to prevent cross-site uploads. #55

Description

@sudheerdotai

This upload endpoint performs a state-changing action using cookie auth but does not apply CSRF protection (most other /api/projects/* mutating routes call withCsrfProtection). Please add CSRF protection here to prevent cross-site uploads.

Originally posted by @Copilot in #54 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions