sections_fts: 72
This data as json
| rowid | title | content |
|---|---|---|
| 72 | CSRF protection no longer uses CSRF tokens | Datasette's token-based CSRF protection has been replaced with a mechanism based on the Sec-Fetch-Site and Origin request headers, which are supported by all modern browsers . See this article by Filippo Valsorda for more details of this approach. This removes the need for CSRF tokens in forms and AJAX requests. ( #2689 ) |