#Use of CSRF mitigation techniques in Appwrite SDK-s

I'm curious if Appwrite implements some kind of defense mehanism against Cross-Site Request Forgery attacks?
This question is tied to the method or libraries Appwrite uses in client-side SDK-s to communicate with the Appwrite backend server. For Web SDK for instance, if the communication channel is implemented using the builtin fetch() coroutine, then CSRF protection must be configured manually. If a library like Axios is used, then CSRF protection is automatic, because Axios has it builtin. Therefore my question is, does Appwrite use the builtin fetch() coroutine and if it does, then has CSRF protection been implemented by the Appwrite team?

Appwrite shouldn't be susceptible to CSRF attacks because custom headers are required in the request. Feel free to create a POC if you find any security vulnerabilities and share them with [email protected]