CSRF protection without cookie (DSGVO/GDPR)

CSRF protection without cookie (DSGVO/GDPR)

jreklund
Administrator
Posts: 1,408
Threads: 3
Joined: Aug 2017
Reputation: 42

08-01-2018, 03:32 AM

Do you have login? If not, there are no need for CSRF. Then they can just target users to submit a contact form/search function.

So just do the check in login form.

Messages In This Thread

CSRF protection without cookie (DSGVO/GDPR) - by Kel - 07-29-2018, 11:52 PM

RE: CSRF protection without cookie (DSGVO/GDPR) - by jreklund - 07-30-2018, 02:48 PM

RE: CSRF protection without cookie (DSGVO/GDPR) - by Kel - 07-31-2018, 11:40 PM

RE: CSRF protection without cookie (DSGVO/GDPR) - by jreklund - 08-01-2018, 01:49 AM

RE: CSRF protection without cookie (DSGVO/GDPR) - by Kel - 08-01-2018, 03:02 AM

RE: CSRF protection without cookie (DSGVO/GDPR) - by jreklund - 08-01-2018, 03:32 AM