CSRF Protection #471
Closed this issue · 1 comments
ematipico commented
- Accepted Date: 2024-01-10
- Reference Issues/Discussions: #471
- Author: @FredKSchott
- Champion(s): @ematipico
- Implementation PR:
Summary
Provide the infrastructure to protect Astro websites from CSRF attacks
Background & Motivation
Most background is available here: https://owasp.org/www-community/attacks/csrf
Astro should provide some level of security to users.
Goals
- Add the required checks to prevent CSRF, probably via an option
Non-Goals
- Give the users the possibility to customise the implementation of the protection