I have to enable batch uploads to my website with CURL and forgery
protection in ApplicationController is standing in my way. I do use
the restful authentication plugin and I do call login_required on all
actions. Should I keep forgery protection around?
Forgery protection only makes sure that the client request has
originated from client’s session, right? Is there anything else than I
would be missing in terms of security?