* Merge remote-tracking branch 'refs/remotes/origin/dev' into fix-for-csrf
Fix CSRF protection
Seems like it doesn't work anymore...
I tried to
fix it but couldn't get /api without csrf. So I changed the
dependency
for another csrf package (nosurf).
Behavior: Same as previously. You
just have to include the block
csrf_token
* changing dependency to nosurf
