Skip to content

Enforce POST in /logout route

  • I have summed up the feature in concise words in the Summary section.
  • I have completely described the feature in the Description section.

Summary

Enforce POST requests toward the /logout route.

Description

The /logout route currently served out GET and POST endpoints. GET requests should only retrieve data, so logging out should really only be possible with a POST request. This seems solvable by just including a tiny form in the navbar instead of a link.

Edited by Kevin Morris
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information