Cross Site Request Forgery (CSRF)
Written by Ulises Gascón, Apr 08, 2020 — 1 min read
Image from Christopher Makarem
This attack can be mitigated by using a different, user-specific token in each request. In Node.js, the csurf library is highly recommended.
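An added example, not code from the original post or from csurf (which its maintainers have since deprecated): a token that is freshly random for every response and bound to the user's session with an HMAC, using only Node's built-in crypto module. The names `issueToken`, `verifyToken`, `SECRET` and `MAX_AGE_MS`, and the 15-minute lifetime, are assumptions made for the example.

```javascript
// Added example: per-request CSRF tokens bound to a session (names are hypothetical).
const crypto = require('node:crypto');

// Assumption: one server-side secret; in production load it from configuration
// so that every instance of the application shares the same value.
const SECRET = crypto.randomBytes(32);
const MAX_AGE_MS = 15 * 60 * 1000; // assumed token lifetime

// MAC over session id, nonce and expiry. The length prefix keeps the
// session id from running into the fields that follow it.
function sign(sessionId, nonce, expires) {
  return crypto.createHmac('sha256', SECRET)
    .update(`${sessionId.length}:${sessionId}|${nonce}|${expires}`)
    .digest('base64url');
}

// Issue a new token for every rendered form or API response.
function issueToken(sessionId, now = Date.now()) {
  const nonce = crypto.randomBytes(16).toString('base64url');
  const expires = String(now + MAX_AGE_MS);
  return `${nonce}.${expires}.${sign(sessionId, nonce, expires)}`;
}

// Check the token sent with a state-changing request (hidden field or header).
function verifyToken(sessionId, token, now = Date.now()) {
  if (typeof token !== 'string') return false;
  const parts = token.split('.');
  if (parts.length !== 3) return false;
  const [nonce, expires, mac] = parts;
  if (!/^\d+$/.test(expires)) return false;
  const expected = Buffer.from(sign(sessionId, nonce, expires));
  const given = Buffer.from(mac);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length) return false;
  if (!crypto.timingSafeEqual(given, expected)) return false;
  return now <= Number(expires); // reject expired tokens
}
```

Tokens here are stateless and remain valid until they expire; making them single-use would require the server to remember spent nonces.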
- The Recommendations for HTTP Headers in this guide
- The Best practices for Express in this guide
- The Best practices for React in this guide