Changes


WebAppSec/Secure Coding Guidelines

23 bytes added, 11:12, 23 September 2011
added requirement to CSRF protection to ensure tokens are tied to the session
* Characteristics of a CSRF Token
** Unique per user & per user session
** Tied to the session
** Large random value
** Generated by a cryptographically secure random number generator
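Review bot: The new bullet "Tied to the session" sits directly under "Unique per user & per user session" without saying what it adds, so the two read as near-duplicates. Per-session uniqueness describes how the token is generated, while the edit summary's intent ("ensure tokens are tied to the session") is about validation. Suggest stating that explicitly, for example "Tied to the session: the server accepts a token only from the session it was issued for", so the list makes clear that a well-formed token presented under a different session must be rejected.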