Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
myspace2017-01-25 21:20:51
CSRF
myspace, 2017-01-25 21:20:51

Am I understanding csrf correctly?

Entering a login and password - installing csrf and writing it to the database and to the session - when submitting forms, verifying csrf from the session with csrf from the database. But questions arise, based on what parameters to generate a csrf token?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
D3lphi, 2017-01-25
@myspace

Adding to the database is redundant. What settings? Random string + user ip + user agent of the user.

Similar questions
U
userAgent1222020-06-18 19:02:42
Website token, how to get/parse it correctly? 1Reply
V
Vitaliy Semyanchuk2014-01-29 14:22:25
How to protect yourself from CSRF? 1Reply
S
Stepgor2020-09-11 02:04:01
Is it safe to receive a csrf token through a request to the server? 0Reply
S
sumi3sew2019-03-17 12:24:07
How to get cookie data for post request? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question