samshers
Reputation: 3670
CSRF token on a web page with multiple forms?
When CSRF is enabled and a web page has multiple forms, will all the forms have the same csrf token or each form has a unique csrf token?
If this is framework dependent, then how does it work in the context of spring security?
Upvotes: 1
Views: 328
Answers (1)
Atul
Reputation: 3357
CSRF is not associated with form or something but to associated with each request.
Each individual request contains new csrf token.
Upvotes: 1
Related Questions
- CSRF token value when same page is opened in two tabs on same machine?
- Spring Security 4 JTwig put CSRF token in forms
- Spring Security CSRF Token not working with AJAX call & form submit in same JSP
- How to add csrf token to the html form?
- Avoid CSRF token in URLS
- Different csrf token per request in Spring security
- CSRF: Generate token for every request
- _csrf token in 2 forms in the same JSP (CSRF protection)
- CSRF protection in web application
- Generating CSRF tokens for multiple forms on a single page