Skip to content

security: document and explain session CSRF safety better

Administrator requested to merge sg/public-api-refactor-4 into main

Created by: slimsag

Stacked on top of #27298

The docstring already does a good job of explaining what this function does, but it was left up to the reader to then apply that logic to the actual code. Instead, we should also make the logic flow documented so that it is easy to follow, and easy to reason about changes to this code in the future.

Signed-off-by: Stephen Gutekanst [email protected]

Merge request reports

Loading