How to use Cross Site Request Forgery protection correctly?

I’ve only started getting into web programming with Django recently. In order to make my website more secure, I used csrf_token when sending POST request, followed what I saw in
https://docs.djangoproject.com/en/3.1/ref/csrf/.
However, as I included
<script src="https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js"></script>
in my HTTP file from Javascrip Cookie Library, I can get the csrf_token directly from my browser in Inpsect>console. I am not sure if I did this correctly or not, please give me some pointers.

76 thoughts on “How to use Cross Site Request Forgery protection correctly?”

  1. Pingback: buy plaquenil cvs

Leave a Comment