CSRF - vignesh01105/UserLoginSystem GitHub Wiki

CSRF Cross Site Request Forgery, is security vulnerability which retrieve session id from your session and perform malcious attack such as change username and password, transfer money, etc.

CSRF Protection To avoid this attack, they are validating CSRF Token to check if the request is coming from proper site.

Use of CSRF Protection CSRF Token is mainly used for all web apps while login to form .

Framework use CSRF Spring Security Framework uses the CSRF by default. For Rest API they make use of Tokens. // disable CSRF

CSRF Token make use of them in every state-changing form (POST, PUT, DELETE).