Example 5
We have already seen a couple of JavaScript examples. Let’s take a look at an example from jQuery
and at the full HTML source code:
HTML CODE
We start by closing the html, head, and title tags; next, we paste the HTML for the form that we
created earlier, which will automatically change the password.
Anti-CSRF Tokens
A better way to protect against CSRF attacks is to use CSRF tokens. Nonce tokens are the most
popular kind, and they can be generated per session or per specific user action. They are usually
submitted via a hidden form field. Since the attacker will not have access to the anti-CSRF
tokens, he won’t be able to make a request on behalf of the victim. This is how it’s actually
implemented:
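An added example, not code from the original text: a server-side implementation in Python of the per-session and per-action tokens described above. The `session` dict stands in for server-side session storage; the field name `csrf_token`, the action name `change_password` and all function names are assumptions.

```python
import hmac
import html
import secrets

FIELD = "csrf_token"  # assumed name of the hidden form field


def issue_session_token(session):
    """Per-session token: created once, reused by every form in the session."""
    if "csrf" not in session:
        session["csrf"] = secrets.token_urlsafe(32)
    return session["csrf"]


def issue_action_token(session, action):
    """Per-action token: a fresh nonce bound to one action, valid for one use."""
    token = secrets.token_urlsafe(32)
    session.setdefault("csrf_actions", {})[action] = token
    return token


def hidden_field(token):
    """Hidden input the server embeds in the form it sends to the real user."""
    return '<input type="hidden" name="%s" value="%s">' % (
        FIELD, html.escape(token, quote=True))


def verify(session, form, action=None):
    """Accept a state-changing request only if it carries the expected token."""
    submitted = form.get(FIELD, "")
    if action is None:
        expected = session.get("csrf", "")
    else:
        expected = session.get("csrf_actions", {}).get(action, "")
    # compare_digest keeps the comparison time independent of the token value
    ok = bool(expected) and hmac.compare_digest(
        submitted.encode(), expected.encode())
    if ok and action is not None:
        del session["csrf_actions"][action]  # consumed: a replay is rejected
    return ok


if __name__ == "__main__":
    session = {}  # constructed stand-in for the victim's server-side session
    token = issue_action_token(session, "change_password")
    print(hidden_field(token))
    genuine = {FIELD: token, "password": "new-pass"}   # form served by the site
    cross_site = {"password": "attacker-chosen"}       # auto-submitted form, no token
    print("cross-site:", verify(session, cross_site, "change_password"))
    print("genuine:   ", verify(session, genuine, "change_password"))
    print("replay:    ", verify(session, genuine, "change_password"))
```

The browser still attaches the victim's session cookie to the cross-site request, but the request is refused because the form cannot include a value the attacker never saw.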