mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 10:54:52 +00:00
61777116a9
Upon login, issue the user a CSRF token (in their session). This token should be provided when completing sensitive actions (e.g. deleting companies/clients, changing their password, etc.) Ref: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
8.2 KiB
8.2 KiB