Cookie-to-header token CSRF protection – is it necessary to verify cookie value?
I’m testing Angular application which uses Cookie-to-header token CSRF protection. According to Angular documentation https://angular.io/guide/http#security-xsrf-protection:
When performing HTTP requests, an interceptor reads a token from… Continue reading Cookie-to-header token CSRF protection – is it necessary to verify cookie value?