diff --git a/Admin/Routes/Web/Api.php b/Admin/Routes/Web/Api.php
index 3b62f56..89c79b3 100755
--- a/Admin/Routes/Web/Api.php
+++ b/Admin/Routes/Web/Api.php
@@ -22,6 +22,7 @@ return [
         [
             'dest'       => '\Modules\Comments\Controller\ApiController:apiCommentCreate',
             'verb'       => RouteVerb::PUT,
+            'csrf'       => true,
             'permission' => [
                 'module' => ApiController::NAME,
                 'type'   => PermissionType::CREATE,
@@ -31,6 +32,7 @@ return [
         [
             'dest'       => '\Modules\Comments\Controller\ApiController:apiCommentUpdate',
             'verb'       => RouteVerb::SET,
+            'csrf'       => true,
             'permission' => [
                 'module' => ApiController::NAME,
                 'type'   => PermissionType::CREATE,
@@ -42,6 +44,7 @@ return [
         [
             'dest'       => '\Modules\Comments\Controller\ApiController:apiCommentListUpdate',
             'verb'       => RouteVerb::SET,
+            'csrf'       => true,
             'permission' => [
                 'module' => ApiController::NAME,
                 'type'   => PermissionType::CREATE,
@@ -53,6 +56,7 @@ return [
         [
             'dest'       => '\Modules\Comments\Controller\ApiController:apiChangeCommentVote',
             'verb'       => RouteVerb::PUT | RouteVerb::SET,
+            'csrf'       => true,
             'permission' => [
                 'module' => ApiController::NAME,
                 'type'   => PermissionType::CREATE,