This repository has been archived by the owner on Feb 3, 2020. It is now read-only.
csrf #10
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
{{ message }}
Hi!
Am I right that since the secure session cookie gets updated on every request and is definitely a nonce, it can be used also as CSRF token for free?
TIA,
--Vladimir
The text was updated successfully, but these errors were encountered: