This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
- 07:14, 3 May 2011 (diff | hist) . . (+23) . . m Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (Added minor edit about resetting the token after an unsuccessful per-session token mismatch, otherwise the hacker can double submi the form to find out the per-session token)