Hide the `oauth2_disable_csrf` setting (#41)

It can be useful for homegrown CSRF setups or while debugging but it is not secure and should only be used if you really know what you're doing.
2021-04-21 13:30:28 -04:00 · 2021-04-21 13:30:28 -04:00 · 60eeb0d338
parent f45cd3edf9
commit 60eeb0d338
1 changed files with 1 additions and 0 deletions
--- a/config/settings.yml
+++ b/config/settings.yml
@ -49,3 +49,4 @@ login:
    default: false
  oauth2_disable_csrf:
    default: false
+    hidden: true