25Şub
Is a JWT usable as a CSRF token?
I’m in need of a CSRF token, for a certain application that submits a form with POST. Ideally, I’d like to not make a DB call for each submission, to avoid storage and DB traffic & latency. To this end OWASP’s “CSRF Prevention Cheat Sh…