
Ruby on Rails Description of a CSRF Attack - emson
http://ianloic.com/2007/05/18/insecurity_is_ruby_on_rails_best_practice/
======
bittersweet
Please keep in mind this is from 18 may 2007... CSRF protection is now enabled
by default.

