meet: Move the CSRF to a query string argument

Move the CSRF check to a query string parameter instead of a request
header. Doing this because I need to make the request from a
Greasemonkey script, and it gets CORS-blocked if I add a non-whitelisted
header to the request.

Also rename the CSRF variable to "csrf-ish" since it's a hard-coded
random string.

0 files changed, 0 insertions, 0 deletions