Is Cog CSRF protected? #27
Description
Since the Cog API (as far as I can tell) is only authenticated through a jwt cookie, I believe that Cog is therefore vulnerable to CSRF attacks.
{{ message }}
Since the Cog API (as far as I can tell) is only authenticated through a jwt cookie, I believe that Cog is therefore vulnerable to CSRF attacks.