by szmarczak 4 days ago
> You have to mitigate CSRF server-side (with a CSRF token

> when you're using tokens in JavaScript then you don't have to worry because you already have your CSRF token

No reason to have a dedicated CSRF token because your local storage token already works as a CSRF token.
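
The point made in the comment above, as an added example that is not part of the original thread: a small model of which credentials a browser attaches to a request and how a cookie-session check and a bearer-token check each treat a request triggered from another origin. The origins, session and token values, and function names are all constructed, and the model assumes a session cookie that the browser sends on cross-site requests.

```javascript
// Added illustration; every name and value here is constructed.
const APP = "https://app.example";
const OTHER = "https://other.example"; // unrelated site open in the same browser

const SESSIONS = new Map([["s-1", "alice"]]);   // server-side cookie sessions
const API_TOKENS = new Map([["t-1", "alice"]]); // tokens issued to the SPA

// Browser state after the user logged in to APP.
// Assumption: the session cookie is one the browser sends on cross-site requests.
const cookieJar = { [APP]: "sid=s-1" };
const localStorageByOrigin = { [APP]: { token: "t-1" }, [OTHER]: {} };

// Cookies are attached by the browser based on the target origin.
// An Authorization header exists only if script on the calling page could
// read a token from that page's own origin-scoped localStorage.
function browserRequest(pageOrigin, targetOrigin) {
  const headers = {};
  if (cookieJar[targetOrigin]) headers.cookie = cookieJar[targetOrigin];
  const token = (localStorageByOrigin[pageOrigin] || {}).token;
  if (token) headers.authorization = `Bearer ${token}`;
  return { pageOrigin, headers };
}

// Server side, scheme 1: identity comes from the session cookie.
function cookieAuth(req) {
  const m = /(?:^|;\s*)sid=([^;]+)/.exec(req.headers.cookie || "");
  return m ? SESSIONS.get(m[1]) || null : null;
}

// Server side, scheme 2: identity comes from the Authorization header only.
function bearerAuth(req) {
  const m = /^Bearer (\S+)$/.exec(req.headers.authorization || "");
  return m ? API_TOKENS.get(m[1]) || null : null;
}

// Who does the server think is calling, under each scheme?
function simulate(pageOrigin) {
  const req = browserRequest(pageOrigin, APP);
  return { cookie: cookieAuth(req), bearer: bearerAuth(req) };
}

console.log("request from app page:  ", simulate(APP));
console.log("request from other page:", simulate(OTHER));
```

This holds only while the server accepts the token from the header alone; if the same credential is also accepted from a cookie, the cross-origin request authenticates again.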