This blog is closed; new posts will be published at http://sakurity.com/blog. Thanks for being with me here for so many years :)

I read a post about CSRF on DigitalOcean (in Russian) by Sergey Belove. My first reaction was, obviously, how come? DigitalOcean is not the kind of team that would have a lame "skip_before_action :verify_authenticity_token". DigitalOcean uses Doorkeeper, the most popular OAut