Hello world, my name is rrouwelng and I am here to talk about the CSRF token.

So, what is a CSRF token? A Cross-Site Request Forgery token is a unique and unpredictable value generated by the server-side application. It was developed as a countermeasure to the Cross-Site Request Forgery attack, which was first documented in the early 2000s.

What is a Cross-Site Request Forgery attack? Allow me to give an example. This is Bob. Bob logs into his bank at Bob then decided to go read an article at a certain website at Please note that Bob hasn't logged out of his bank account. The site 'welikekittens.com' is set up by a malicious actor (call him swipper). The website (welikekittens.com) is set up to send a form that is basically just a POST request to Bob's bank website, telling it to credit a certain amount of money to the account of the attacker's choosing.…
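
The scenario above, as an added example that is not part of the original post: a toy bank issues a per-session token at login and checks it on the transfer POST, so a cross-site form that arrives with Bob's cookie but without the token is refused. The `Bank` class, its method names, the `csrf_token` field and the sample requests are all hypothetical and constructed for illustration.

```python
import hmac
import secrets


class Bank:
    """Toy server-side application; class and field names are hypothetical."""

    def __init__(self):
        self.sessions = {}  # session id (cookie value) -> session state

    def login(self, user):
        sid = secrets.token_urlsafe(32)
        # Unique, unpredictable value generated server-side for this session.
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def form_token(self, sid):
        # Embedded as a hidden field in the bank's own transfer form. A page
        # on another origin cannot read this response, so it never sees it.
        return self.sessions[sid]["csrf"]

    def transfer(self, cookie_sid, form):
        session = self.sessions.get(cookie_sid)
        if session is None:
            return "401 not logged in"
        submitted = form.get("csrf_token", "")
        # Constant-time comparison of the submitted and stored token.
        if not hmac.compare_digest(submitted.encode(), session["csrf"].encode()):
            return "403 CSRF token missing or invalid"
        return f"200 sent {form['amount']} to {form['to']}"


def demo():
    bank = Bank()
    cookie = bank.login("bob")  # Bob logs in and stays logged in
    # Bob uses the bank's own form, which carries the token.
    own = bank.transfer(cookie, {"to": "alice", "amount": "10",
                                 "csrf_token": bank.form_token(cookie)})
    # Constructed cross-site POST: the browser attaches Bob's cookie,
    # but the form built by the other site has no token.
    forged = bank.transfer(cookie, {"to": "swipper", "amount": "1000"})
    # A guessed token does not match the one stored in Bob's session.
    guessed = bank.transfer(cookie, {"to": "swipper", "amount": "1000",
                                     "csrf_token": secrets.token_urlsafe(32)})
    return own, forged, guessed


if __name__ == "__main__":
    print(demo())
```

The session cookie alone proves only that the request came from Bob's browser; the token check is what ties the request to a form the bank itself served.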