Tuesday, March 29, 2016

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF)

Preventing Cross-Site Request Forgery in Go
https://elithrar.github.io/article/preventing-csrf-attacks-in-go/

Why refresh CSRF token per form request?
http://security.stackexchange.com/questions/22903/why-refresh-csrf-token-per-form-request

Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies

No comments: