CSRF Verification
π¨βπΌ Awesome work! You can test this out by clearing your cookies before you
submit the form. You should get a
403
error in that case. If you really want,
you can try to run a CSRF attack on the playground and see if you can get it to
work. Good luck!In any case, I feel so much more secure now. Thank you!
π§ββοΈ I'm going to make a
validateCSRF
utility out of that work you just did
because we're going to want to do this all over the place for all our forms.
Feel free to do this yourself if you want the practice. I'm also going to apply
this to all the forms in the app too. As usual, you can do that yourself if
you'd like the extra practice. But I don't mind doing it for you. Either way,
you can check the diff. Cheers!