no name said about 7 years ago on WYSIWYG Editor with Trix :

Hey, nice screencast!


It was really useful, but I've noticed one thing. There is no CSRF protection for file uploads and deletes. This could be really dangerous and I think that it should be fixed.


Btw. commenting is painful. I had to sign up, confirm my email, etc. I had to take a lot of different steps in order to write this comment. It would be great if you could simplify this process.