Reputation: 142
php using token inside form why token is importent
I have some question about access token hope you guy's have the answer, I did my research but for sure I didn't understand why using token is so important to secure forms. So my question is and I hope to understand that what token exactly do in forms, how it's secure form and secure it from what.
And is the token Important in login form but what if I didn't use the token inside login form is that make the form unsecured.
Upvotes: 0
Views: 63
Answers (1)
Reputation: 1148
Access token is one of protection patterns against CSRF attack. CSRF stands for Cross-site Request Forgery. It is deeply explained here:
WIKI-CSRF
Especially take a look at Examples section and Prevention section.
In simple words this attack for example steals request with login information and lets intruder login in any time. If you have access token that is gone after session is gone or after opening the form another time, you are protected.
I encourage you to read the article above.
I hope this helped.
Upvotes: 1
Related Questions
- Why is a new token generated when we submit the form
- PHP form token usage and handling
- Form is not submitted and Invalid Token in PHP
- PHP token security
- PHP and MySQL, issue with form token
- Unique token with form submit doesn't seem to work
- What is a security token and why is it used in forms?
- API with tokens
- PHP Tokens for Forms and Authentication
- PHP - How to get tokens?