Paul's summary was - HTTPS, HSTS and validate Host header. I will add - you
*must* also ensure there are no XSS vulnerabilities on your website.
If your website has an XSS vulnerability, there can be no CSRF protection.
This is because XSS makes it possible to steal the CSRF as well as session
c