feat(auth): Add optional CSRF protection (#697)

* fix(auth): Missing CSRF middleware Resolves LGTM alert/error for query js/missing-token-validation More info: https://lgtm.com/rules/1506064038914/
2026-01-01 12:18:35 -05:00 · 2021-01-24 21:27:57 -05:00
parent 4b0241c3b3
commit 6e2589178b
7 changed files with 98 additions and 3 deletions
--- a/src/i18n/locale/en.json
+++ b/src/i18n/locale/en.json
@@ -378,6 +378,8 @@
  "components.Settings.autoapprovedrequests": "Send notifications for auto-approved requests",
  "components.Settings.cancelscan": "Cancel Scan",
  "components.Settings.copied": "Copied API key to clipboard",
+  "components.Settings.csrfProtection": "Enable CSRF Protection",
+  "components.Settings.csrfProtectionTip": "Sets external API access to read-only (Overseerr must be reloaded for changes to take effect)",
  "components.Settings.currentlibrary": "Current Library: {name}",
  "components.Settings.default": "Default",
  "components.Settings.default4k": "Default 4K",