Follow
Is there a spec for what a CSRF token should look like, like UUIDs? Or do people just hope for good-faith attempts? Can it have spaces? Can it be Bobby Tables?
Is there a spec for what a CSRF token should look like, like UUIDs? Or do people just hope for good-faith attempts? Can it have spaces? Can it be Bobby Tables?