As I mentioned in the topic name, how can they secure our website? In an AJAX app, for example, the hacker app can read the token there in the meta tag, then make a request. What did the CSRF token do? It just causes the hacker to do its job in two steps, not one?
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet.
http://shiflett.org/articles/cross-site-request-forgeries.
I wouldn't post highly sensitive data with an AJAX post; I would use a regular post in Laravel.
CSRF is not only an AJAX problem; it can be done with a regular POST request.
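
An added sketch (not part of the thread and not Laravel's own code) of the server-side check the question is about: the token is bound to one user's session, so a token obtained from a different session does not validate, and a page on another origin cannot read the victim's meta tag because of the browser's same-origin policy. The in-memory session store, the function names and the request shape are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Constructed in-memory session store (assumption): session id -> CSRF token.
const sessions = new Map();

// Log a user in: new session id (sent as a cookie) plus a random per-session token.
function startSession() {
  const id = crypto.randomBytes(16).toString('hex');
  sessions.set(id, crypto.randomBytes(32).toString('hex'));
  return id;
}

// The value the server renders into the meta tag of pages served to this session.
function tokenForPage(sessionId) {
  return sessions.get(sessionId);
}

// Server-side check for a state-changing request.
// req.cookieSessionId: the browser attaches it on its own, which is what CSRF relies on.
// req.csrfToken: must be added by script that was able to read the page.
function verifyRequest(req) {
  if (['GET', 'HEAD', 'OPTIONS'].includes(req.method)) return true;
  const expected = sessions.get(req.cookieSessionId);
  if (typeof expected !== 'string' || typeof req.csrfToken !== 'string') return false;
  const a = Buffer.from(req.csrfToken);
  const b = Buffer.from(expected);
  // Length check first: timingSafeEqual throws on unequal lengths.
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

function demo() {
  const victim = startSession();
  const other = startSession(); // a different user's own session
  return {
    // The site's own AJAX code reads the meta tag and sends the token.
    sameSite: verifyRequest({ method: 'POST', cookieSessionId: victim, csrfToken: tokenForPage(victim) }),
    // Cross-site form or AJAX: the cookie is attached, but no token is available.
    forgedNoToken: verifyRequest({ method: 'POST', cookieSessionId: victim }),
    // Token fetched in a different session, then sent alongside the victim's cookie.
    forgedForeignToken: verifyRequest({ method: 'POST', cookieSessionId: victim, csrfToken: tokenForPage(other) }),
  };
}

console.log(demo());
```

Only the request made by the site's own page is accepted; both forged requests are rejected even though they carry the victim's session cookie.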