Closed phalgunv closed 11 months ago
The Wikipedia page for CSRF mentions the cookie-to-header token as an anti-CSRF technique. https://en.wikipedia.org/wiki/Cross-site_request_forgery#Cookie-to-header_token
The cheat sheet should be updated to mention the same.
I agree, this cheat sheet should be updated to include this. Would you like to work on this and submit a PR?
Sure, I'll be happy to raise a PR.
I'm on vacation now, will take a stab at this sometime next week.