(tooling-trusted-releases) branch sbp updated: Add audit guidance about empty form CSRF protection

sbp Wed, 11 Mar 2026 08:09:59 -0700

This is an automated email from the ASF dual-hosted git repository.

sbp pushed a commit to branch sbp
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git



The following commit(s) were added to refs/heads/sbp by this push:
     new d71a7ffc Add audit guidance about empty form CSRF protection
d71a7ffc is described below

commit d71a7ffca1cba7ecf917d10a96ca5635131c366a
Author: Sean B. Palmer <[email protected]>
AuthorDate: Wed Mar 11 15:09:20 2026 +0000

    Add audit guidance about empty form CSRF protection
---
 atr/form.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/atr/form.py b/atr/form.py
index 4417478b..2ddcca51 100644
--- a/atr/form.py
+++ b/atr/form.py
@@ -54,6 +54,7 @@ class Form(schema.Form):
 
 
 class Empty(Form):
+    # audit_guidance not really empty, as schema.Form has a mandatory CSRF 
field
     pass
 
 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

(tooling-trusted-releases) branch sbp updated: Add audit guidance about empty form CSRF protection

Reply via email to