starlightprivate / flash2

nodejs app

Fix xsrf #259

Closed vodolaz095 closed 7 years ago

vodolaz095 commented 7 years ago
  1. Enable XSRF-TOKEN cookie. Because if this vulnerability had been used, there would be ~1000 API calls in loggly every few minutes. See loggly - nothing like this.

  2. Log CSRF token errors to loggly too; it can be educative.



vodolaz095 commented 7 years ago

related issue - https://detectify.com/report/fb7ade923fbe837098884177e004efda/1d5d7afd3fbfa44fea01489e86a4dd2a58c149d5/43f037ac-e638-4703-b3df-a3b27087b9c6

But as I have said, it is not used: no 10k API calls in loggly!!!! And using a cookie like this will more likely result in 10k entries in Bot Punished By {enterMiddlewareNameHere}

vodolaz095 commented 7 years ago

We need to re-enable this to fix errors like this Sentry one: https://sentry.io/starlight-group/frontend/issues/244859893/