The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Creative Commons Attribution Share Alike 4.0 International
27.08k
stars
3.79k
forks
source link
Update: Cross-Site_Request_Forgery_Prevention_Cheat_Sheet #1359
Closed
vvmuysew closed 3 months ago
What is missing or needs to be updated?
In the pseudo-code example showing how to properly do the singed double submit token there seems to be a missing " at the line of the SetCookie:
https://github.com/OWASP/CheatSheetSeries/blob/b181a604dd1f4a405ca1cd267b111a6a044e9f7b/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.md?plain=1#L107
How should this be resolved?
Change the
"; Secure)
by"; Secure")