
CSRF tokens

Open btrask opened this issue 9 years ago • 0 comments

Use CSRF tokens in all of our POST forms.

  • Blog composer (/new)
  • Blog uploader (/up)
  • Login and registration forms

Also think about how to protect our upload API (POST /sln/file). Need some sort of API token or something?

Store the tokens in memory, not in the database.

btrask, Mar 26 '15 18:03
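
A sketch of the in-memory token store the issue asks for, as an added example that is not part of the issue or the project's own code. The class name `CSRFTokenStore`, keying tokens by a session ID (for the login and registration forms, an anonymous pre-login session cookie), and the one-hour lifetime are all assumptions.

```python
import hmac
import secrets
import time

TOKEN_TTL = 3600  # seconds; assumed lifetime, the issue does not specify one


class CSRFTokenStore:
    """Hypothetical in-memory CSRF token table: session_id -> (token, expiry)."""

    def __init__(self, ttl=TOKEN_TTL, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock
        self._tokens = {}  # lives only in process memory, never persisted

    def issue(self, session_id):
        """Return the token to embed as a hidden field in a rendered form.

        An unexpired token is reused, so several forms (for example /new and
        /up open in two tabs) do not invalidate each other.
        """
        entry = self._tokens.get(session_id)
        if entry is not None and self._clock() < entry[1]:
            return entry[0]
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._tokens[session_id] = (token, self._clock() + self._ttl)
        return token

    def verify(self, session_id, submitted):
        """Check the token sent with a POST: reject missing, wrong or expired."""
        entry = self._tokens.get(session_id)
        if entry is None or not submitted:
            return False
        token, expiry = entry
        if self._clock() >= expiry:
            del self._tokens[session_id]
            return False
        # Constant-time comparison avoids leaking a matching prefix via timing.
        return hmac.compare_digest(token.encode(), submitted.encode())

    def purge_expired(self):
        """Drop expired entries so the table does not grow without bound."""
        now = self._clock()
        stale = [sid for sid, (_, exp) in self._tokens.items() if now >= exp]
        for sid in stale:
            del self._tokens[sid]
        return len(stale)
```

Because the table lives only in memory, a server restart invalidates every outstanding token, so forms rendered before the restart are rejected until the page is reloaded.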