security: document and explain session CSRF safety better (!27303) · Merge requests · Warren Gifford / sourcegraph

Warren Gifford requested to merge sg/public-api-refactor-4 into main Nov 09, 2021

Created by: slimsag

Stacked on top of #27298

The docstring already does a good job of explaining what this function does, but it was left up to the reader to then apply that logic to the actual code. Instead, we should also make the logic flow documented so that it is easy to follow, and easy to reason about changes to this code in the future.

Signed-off-by: Stephen Gutekanst [email protected]

security: document and explain session CSRF safety better

Merge request reports