diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm	2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm	2021-03-06 15:12:29.451000000 -0500
@@ -83,8 +83,7 @@
         $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
         return unless (($self->{cgi}->request_method || '') eq 'POST');
         if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-           or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-	    # only 3 min to validate form
+           or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
 	    $self->debug_msg("SRF protection blocked request");
             warn "CSRF protection blocked request\n";
             return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
@@ -146,8 +145,7 @@
     $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
     return unless (($self->{cgi}->request_method || '') eq 'POST');
     if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-       or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-        # only 3 min to validate form
+       or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
         $self->debug_msg("SRF protection blocked request");
         warn "CSRF protection blocked request\n";
         return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm	2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm	2021-03-06 15:10:37.562000000 -0500
@@ -183,6 +183,7 @@
     $self->{cgi}        = $args{cgi};
     $self->{debug}      = $args{debug}      || 0;
     $self->{csrf}       = $args{csrf} || 0;
+    $self->{csrfdelay}       = $args{csrfdelay} || 180;
 
     if ($self->{cgi}) {
         if ($args{sessiondir}) {