Apr 14
datasette PR #2689: Replace token-based CSRF with Sec-Fetch-Site header protection
★★★★★
significance 1/5
Simon Willison updated Datasette to replace token-based CSRF protection with Sec-Fetch-Site header protection. The change was largely implemented with the assistance of Claude Code and reviewed by GPT-5.4.
Why it matters
Automated code refactoring via LLMs is moving from simple generation to complex, structural security logic updates.
Entities mentioned
Simon Willison DatasetteTags
#datasette #security #csrf #ai-assisted-codingRelated coverage
- arXiv cs.CLAu-M-ol: A Unified Model for Medical Audio and Language Understanding
- Simon WillisonIntroducing talkie: a 13B vintage language model from 1930
- Hugging FaceAdaptive Ultrasound Imaging with Physics-Informed NV-Raw2Insights-US AI
- Simon Willisonmicrosoft/VibeVoice
- WIRED AIThe Man Behind AlphaGo Thinks AI Is Taking the Wrong Path