csrf-protection
Installation
SKILL.md
CSRF Protection
Defend against Cross-Site Request Forgery attacks using multiple protection layers.
Protection Methods
| Method | How It Works | Browser Support |
|---|---|---|
| Synchronizer Token | Hidden form field validated server-side | All |
| Double Submit | Cookie + header must match | All |
| SameSite Cookie | Browser blocks cross-origin requests | Modern |
Token-Based Protection (Express)
const crypto = require('crypto');