security: document and explain session CSRF safety better
There are no commits yet
Push commits to the source branch or add previously merged commits to review them.
Created by: slimsag
Stacked on top of #27298
The docstring already does a good job of explaining what this function does, but it was left up to the reader to then apply that logic to the actual code. Instead, we should also make the logic flow documented so that it is easy to follow, and easy to reason about changes to this code in the future.
Signed-off-by: Stephen Gutekanst stephen@sourcegraph.com
Push commits to the source branch or add previously merged commits to review them.