Web {
CSRF In Application-Wide{
Csrf Normal
Bypass Through {
Chnage Method To GET-Based
Change Value Of CSRF-Token To undefined
Add Parameter _method=PUT For Bypass CSRF Based PUT/DELETE
Delete CSRF Token Value Or Delete Token Parameter
Use The same CSRF Value In Different Accounts
I hereby claim:
- I am godzilla74 on github.
- I am godzilla74 (https://keybase.io/godzilla74) on keybase.
- I have a public key whose fingerprint is 43EF 9ACB 6B93 697D 465A C381 94B9 3C27 6CEF F6CC
To claim this, I am signing this object: