I have added some prevention in website for CSRF. (i.e - I have added functionality to check CSRF token / form key for controller for POST method. )
I am not sure about the ways the API can be tested for CSRF.
I need some advice on Test cases which can be applied to test API for CSRF.
Thankyou
Aucun commentaire:
Enregistrer un commentaire