Menu
The attack from forms can be solved also using code like.
[code=php]
<div style=”margin:0;padding:0″><input name=”authenticity_token” type=”hidden” value=”9b7a4b5cb8f7c7910dsd797sdcnmxcox8c0dfč2582110887ff5″ /></div>
Steps of security:
1. GET the form and token
2. then POST the form and token
How does the auth_token provide security if I use this sample?