Crazy Horse
asked on
Do you need to unset the session variable after CSRF token check passes?
I had this question after viewing Checking CSRF token within a function.
If the form value and session value match and the CSRF check is successful upon form submission, should you unset the session variable?
If the form value and session value match and the CSRF check is successful upon form submission, should you unset the session variable?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.