-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to "opt out" of CsrfOptions.IMPLICIT #34
Comments
I'm not completely sure if this is something we should support. Assigning to "Future" for now. Anyone feel free to comment if you disagree with this decision. |
Think this is something we should discuss together with #22. |
Agreed. However, I still don't see a use case for disabling such an important security feature. |
Think we should close this, because of those two reasons:
Any other thoughts? |
I agree that we should close this issue! 👍 |
Sunday Oct 25, 2015 at 19:01 GMT
Originally opened as mvc-spec/mvc-spec#70
Original issue MVC_SPEC-58 created by kito75:
It'd be nice to opt out of implicit CSRF protection, maybe with an annotation like @CsrfValidDisabled,
The text was updated successfully, but these errors were encountered: