1. GitHub Proposal: Switch from CSRF Tokens to Fetch Metadata Headers for Security & UX
A proposal on GitHub advocates for a fundamental shift in how a project handles Cross-Site Request Forgery (CSRF) protection, moving away from traditional per-form tokens to a system based on validating fetch metadata headers. The core argument is that this change offers a more streamlined implementation and a signific...