Open SteffenL opened 12 years ago
Don't assume that the document has elements named csrf-param and csrf-token. Get CRSF token name from user options, and the token itself from user params.
I guess this doesn't make it any more secure, but at least it shouldn't be any less secure?
Don't assume that the document has elements named csrf-param and csrf-token. Get CRSF token name from user options, and the token itself from user params.