CSRF Token #805
Hi, I'm new to Rust and Loco stuff. Is there any recommendation for implementing a CSRF token in Loco, like we did in Rails? I need this because when using a JWT token and a cookie on the client side, it seems some sort of CSRF token mechanism is needed to prevent CSRF attacks? Any guideline will be helpful, thank you.
Answered by
tanto-satu
Oct 7, 2024
Seems like CSRF can be mitigated with SameSite=Strict cookies, which are implemented here: https://loco.rs/docs/the-app/controller/#secure-headers
Answer selected by
tanto-satu
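An added example, not part of the original discussion and not Loco's own code: a std-only check that a `Set-Cookie` header carrying the JWT actually has the attributes the SameSite approach depends on. The names `CookieAudit`, `audit_set_cookie` and `findings`, the cookie name `token`, and the sample headers are assumptions made for illustration.

```rust
// Added example: audit one Set-Cookie header value for a JWT session cookie.
#[derive(Debug, Default)]
pub struct CookieAudit {
    pub name: String,
    pub same_site: Option<String>, // lowercased attribute value, e.g. "strict"
    pub http_only: bool,
    pub secure: bool,
}

/// Parse "name=value; Attr; Attr=val". Returns None if there is no name=value pair.
pub fn audit_set_cookie(header: &str) -> Option<CookieAudit> {
    let mut parts = header.split(';');
    let (name, _value) = parts.next()?.split_once('=')?;
    let mut audit = CookieAudit { name: name.trim().to_string(), ..Default::default() };
    for attr in parts {
        let (key, val) = attr.split_once('=').unwrap_or((attr, ""));
        // Attribute names are case-insensitive.
        match key.trim().to_ascii_lowercase().as_str() {
            "samesite" => audit.same_site = Some(val.trim().to_ascii_lowercase()),
            "httponly" => audit.http_only = true,
            "secure" => audit.secure = true,
            _ => {} // Path, Max-Age, Domain: not checked here
        }
    }
    Some(audit)
}

/// Problems to fix before relying on SameSite as the CSRF mitigation.
pub fn findings(a: &CookieAudit) -> Vec<&'static str> {
    let mut out = Vec::new();
    match a.same_site.as_deref() {
        Some("strict") => {}
        Some("lax") => out.push("SameSite=Lax: still sent on cross-site top-level GET navigation"),
        Some("none") => out.push("SameSite=None: sent on every cross-site request"),
        _ => out.push("SameSite missing or invalid: browser default applies"),
    }
    if !a.http_only { out.push("HttpOnly missing: token readable from page scripts"); }
    if !a.secure { out.push("Secure missing: cookie can travel over plain HTTP"); }
    out
}

fn main() {
    // Constructed sample headers, not captured from a real application.
    for h in ["token=constructed.sample.jwt; Path=/; HttpOnly; Secure; SameSite=Strict",
              "token=constructed.sample.jwt; Path=/; SameSite=Lax"] {
        let a = audit_set_cookie(h).expect("malformed Set-Cookie");
        println!("{}: {:?}", a.name, findings(&a));
    }
}
```

A check like this fits in an integration test that inspects the login response headers, so a later change to the cookie settings fails the build.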