diff --git a/templates/page/captcha.html.ep b/templates/page/captcha.html.ep
index 81403fe..b54b9f2 100644
--- a/templates/page/captcha.html.ep
+++ b/templates/page/captcha.html.ep
@@ -26,5 +26,6 @@
     ) %>
   </div>
   <%= hidden_field number => $roman_numeral, id => 'number' %>
+  <%= csrf_field %>
   <button type="submit" class="form-button">Answer</button>
 </form>
diff --git a/templates/remark/create.html.ep b/templates/remark/create.html.ep
index 55afb58..0eb43ae 100644
--- a/templates/remark/create.html.ep
+++ b/templates/remark/create.html.ep
@@ -55,6 +55,7 @@
     <%= check_box preview => 1, id => 'preview' %>
     <%= label_for preview => 'Preview' %>
   </div>
+  <%= csrf_field %>
   <button type="submit" class="form-button">Post</button>
 </form>
 <%# Putting this first above the thread body (nested if, yucky sry) %>