diff --git a/templates/page/captcha.html.ep b/templates/page/captcha.html.ep
index 81403fe..b54b9f2 100644
--- a/templates/page/captcha.html.ep
+++ b/templates/page/captcha.html.ep
@@ -26,5 +26,6 @@
) %>
<%= hidden_field number => $roman_numeral, id => 'number' %>
+ <%= csrf_field %>
diff --git a/templates/remark/create.html.ep b/templates/remark/create.html.ep
index 55afb58..0eb43ae 100644
--- a/templates/remark/create.html.ep
+++ b/templates/remark/create.html.ep
@@ -55,6 +55,7 @@
<%= check_box preview => 1, id => 'preview' %>
<%= label_for preview => 'Preview' %>
+ <%= csrf_field %>
<%# Putting this first above the thread body (nested if, yucky sry) %>