Hi,
I have to enable batch uploads to my website with CURL and forgery protection in ApplicationController is standing in my way. I do use the restful authentication plugin and I do call login_required on all actions. Should I keep forgery protection around?
Forgery protection only makes sure that the client request has originated from client's session, right? Is there anything else than I would be missing in terms of security?
Thanks, Tiberiu