codewarrior icon indicating copy to clipboard operation
codewarrior copied to clipboard

Published 20 hours ago verified publisher icon CoolerVoid

improve the anti-csrf token

Open CoolerVoid opened this issue 9 years ago • 0 comments

So token with timeout is not necessary, because repeat any times... this loss security... Change timeout options to use session, each time put diferent token and uses HMAC() function in sha256().

CoolerVoid avatar Sep 17 '16 20:09 CoolerVoid