Is there a spec for what a CSRF token should look like, like UUIDs? Or do people just hope for good-faith attempts? Can it have spaces? Can it be Bobby Tables?
QOTO: Question Others to Teach Ourselves An inclusive, Academic Freedom, instance All cultures welcome. Hate speech and harassment strictly forbidden.