Summary: I think I'm missing something about apigility.org - help me figure it out. Facebook's team fixes CSRF exploit in 2 hours. Is Rails' CookieStore broken by default, or working just fine? KnockoutJS 3 was released - upgrade/change notes are here for your reading pleasure.