From b5ca34989bf268af52981f70f73f94560b44f25a Mon Sep 17 00:00:00 2001 From: Thomas Landauer Date: Thu, 15 Feb 2024 17:18:47 +0100 Subject: [PATCH] [Security] Minor The link target is in fact just a few lines further down. --- security.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/security.rst b/security.rst index 36bed55587e..6f424efc72a 100644 --- a/security.rst +++ b/security.rst @@ -913,8 +913,7 @@ The form can look like anything, but it usually follows some conventions: .. danger:: - This login form is currently not protected against CSRF attacks. Read - :ref:`form_login-csrf` on how to protect your login form. + This login form is currently not protected against CSRF attacks (see below). And that's it! When you submit the form, the security system automatically reads the ``_username`` and ``_password`` POST parameter, loads the user via