Use modern CSRF protection from stdlib

### Please confirm

- [x] I have searched existing issues to check if an issue already exists for my feature request.

### Is your feature request related to a problem? Please describe.

LXD is now using Go 1.25 which comes with native [CSRF protection](https://pkg.go.dev/net/http#CrossOriginProtection).

Based on [this blog](https://www.alexedwards.net/blog/preventing-csrf-in-go), I think we could drop some custom code and leverage the builtin protection instead.

### Describe the solution you'd like

Remove custom code and replace it with code from `net/http` to reduce the maintenance burden.

### Describe alternatives you've considered

_No response_

### Additional context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Use modern CSRF protection from stdlib #16747

Please confirm

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Use modern CSRF protection from stdlib #16747

Description

Please confirm

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions