Dear Team, During a recent software scan, it was observed that the CSRF token is missing from both the headers and cookies of koha application. Could you confirm if it is feasible to configure koha application to include the CSRF token in both the headers and cookies? If yes, could you provide guidance or recommended practices for implementing this configuration? Secondly Is it possible to restrict the input of special characters in the Patron module, specifically for fields like the Patron Name? Regards, Vikram Zadgaonkar