diff --git a/drama/routes/comments.py b/drama/routes/comments.py
index cf31f2f12e..ee58b7e0b7 100644
--- a/drama/routes/comments.py
+++ b/drama/routes/comments.py
@@ -558,7 +558,8 @@ def api_comment(v):
 
 
 @app.post("/edit_comment/<cid>")
-@auth_desired
+@is_not_banned
+@validate_formkey
 def edit_comment(cid, v):
 
 	c = get_comment(cid, v=v)