Caching of scrf tokens

While caching csrf tokens are cached and breaks the validation of all forms on the page. Maybe someone will tell me how i can use caching and in same time to avoid caching of csrf tokens.?

edited Apr '16

Caching forms with csrf tokens is problematic, this problem exists in all frameworks, you can inspire in Symfony cook book

http://symfony.com/doc/current/cookbook/cache/form_csrf_caching.html

Solutions is:

  1. Use block caching and dont cache forms with CSRF tokens.
  2. Use AJAX to replace cached tokens with fresh ones.


1.4k
edited Apr '16

3) Use JWT :D