Requests Tokenisation (CSRF-protection)
Certain endpoints in the TAO backend are risks for Cross-Site Request Forgery attacks. In order to protect those endpoints, requests should each be sent with a unique, single-use token which is generated on the backend and validated there on its receipt.
- How to make a new extension in TAO 3.3
- Test Runner plugins
- Requests Tokenisation (CSRF-protection)