Sign in

Build a Jamstack Form with Serverless Functions and a Stateless CSRF Token | Dev Extent

To mitigate Cross-site request forgery attacks, websites that submit forms can include a nonce, to make sure that the request is being sent from the origin that is expected. This way, a post request containing the nonce, or public token, can be verified with a secret, and stored on the server before mutating any data. Using a CSRF token…