This is just a small Rack middleware whose only goal is to lessen the hazards posed by CSRF attacks by trying to ensure that all requests of particular types come from the right client, not from a mischievous impersonator. Rack::Csrf is not tailored to any particular web framework, so it can be used with your preferred Rack-based framework. WWW: https://github.com/baldowl/rack_csrf