Add Random String Verification to Prevent CSRF

web security

Cross-Site Request Forgery(CSRF) is difficult to trace, it could cause great harm. The attacker can use CSRF to prank, send spam information, delete data and so on. So how do we prevent CSRF? To deal with increasing CSRF attacks, Yahoo added a random string called crumb to the form. Facebook has similar solution, if you […]