ankane / secure_rails

Rails security best practices

Per-form CSRF tokens

monfresh opened this issue · comments

Hello. Is it worth adding a note about the new per-form CSRF tokens feature in Rails 5 and recommending to turn it on?

config.action_controller.per_form_csrf_tokens = true

Hey @monfresh, sorry for the late response. I haven't used this feature yet and "the attack described here is very niche" according to the Rails PR, so don't think it's worth including.