To mitigate Cross-site request forgery attacks, websites that submit forms can include a nonce, to make sure that the request is being sent from the origin that is expected. This way, a post request containing the nonce, or public token, can be verified with a secret, and stored on the…