07. Cross-Site Request Forgery/02. CSRF Verification (🏁 solution)

CSRF Verification

πŸ‘¨β€πŸ’Ό Awesome work! You can test this out by clearing your cookies before you submit the form. You should get a 403 error in that case. If you really want, you can try to run a CSRF attack on the playground and see if you can get it to work. Good luck!
In any case, I feel so much more secure now. Thank you!
πŸ§β€β™‚οΈ I'm going to make a validateCSRF utility out of that work you just did because we're going to want to do this all over the place for all our forms. Feel free to do this yourself if you want the practice. I'm also going to apply this to all the forms in the app too. As usual, you can do that yourself if you'd like the extra practice. But I don't mind doing it for you. Either way, you can check the diff. Cheers!
← PreviousNext β†’
Edit on GitHub
problemsolutiondiffchat
Login to get access to the exclusive discord channel.
  • πŸ”­foundations
    πŸ’Ύdata
    general
    πŸ“forms
    πŸ”auth
    Thank you for the inspiration
    Binalfew πŸš€ 🌌:
    <@105755735731781632> I wanted to thank you for the incredible knowledge I gained from your Epic Web...
    • ❀️1
     1 Β· 3 days ago
  • general
    Welcome to EpicWeb.dev! Say Hello πŸ‘‹
    Kent C. Dodds β—† πŸš€πŸ†πŸŒŒ:
    This is the first post of many hopefully!
    • 18
     81 Β· 2 months ago
  • general
    npm install everytime I setup a new playground
    Duki 🌌:
    Is it normal that I have to run `npm install` in my playground directory, everytime I setup the play...
    • βœ…1
     2 Β· 2 months ago
  • πŸ“forms
    Review - Professional Web Forms
    Baghira 🌌:
    So I finished the second workshop last week. I wnated to digest and let some timepast before I wante...
    • βœ…1
     1 Β· 3 months ago
  • πŸ’Ύdata
    πŸ“forms
    πŸ”­foundations
    Reviewing foundations, Mutations, Actions
    silvanet πŸš€ 🌌:
    Forgive me for this. I went over the file size limit. I don't want to sign up for being able to exce...
    • βœ…1
     2 Β· 8 months ago
  • general
    Migration to Vite: Server-only module referenced by client
    Fabian 🌌:
    Hi, I'm working on migrating to Vite following the remix docs (https://remix.run/docs/en/main/guides...
    • βœ…1
     1 Β· 5 months ago
  • πŸ’Ύdata
    πŸ“forms
    Getting a TS error that is not present in the course files
    OtterlyPunk:
    So I'm working in parallel and I'm feeling the problem is I'm using a new version of something in my...
    • βœ…2
     12 Β· 9 months ago
  • general
    Remix Vite Plugin
    Binalfew πŸš€ 🌌:
    <@105755735731781632> Now that remix officially supports vite (though not stable) what does it mean...
    • βœ…1
     3 Β· a year ago
  • general
    πŸ”­foundations
    Solutions video on localhost:5639 ?
    quang πŸš€ 🌌:
    Hi, so I'm having a hard time navigating (hopefully will be better with time) The nav on epicweb.de...
    • βœ…1
     9 Β· a year ago
  • πŸ“forms
    Loading into disk
    DiogoVaz 🌌:
    I am going through the File Upload section and I completely understand the benefits of loading the a...
    • βœ…1
     2 Β· 6 months ago
  • general
    Epicshop is now social and mobile friendly!
    Kent C. Dodds β—† πŸš€πŸ†πŸŒŒ:
    I'm excited to announce that now the Epic Web workshops are mobile friendly! https://foundations.ep...
    • πŸŽ‰2
     0 Β· 7 months ago
  • πŸ’Ύdata
    πŸ“forms
    πŸ”­foundations
    How can I do this?
    silvanet πŸš€ 🌌:
    Viewing the Intro (from the Workshop) for Mutations, the course has an embedded video where Kent exp...
    • βœ…1
     3 Β· 8 months ago
  • πŸ’Ύdata
    general
    πŸ“forms
    πŸ”­foundations
    double underscore?
    trendaaang 🌌:
    What with the `__note-editor.tsx`? I don't see that in the Remix docs and I don't remember Kent talk...
    • βœ…1
     2 Β· 8 months ago
  • πŸ“forms
    Unable to start the playground
    Payapula πŸš€ 🌌:
    Today morning I have updated the workshop for web-form - https://github.com/epicweb-dev/web-forms/co...
    • βœ…1
     16 Β· 9 months ago
  • πŸ”­foundations
    πŸ’Ύdata
    general
    πŸ“forms
    πŸ”auth
    Native Logging
    trendaaang 🌌:
    I was thinking that it could be useful to log every CRUD operation to help track down errors. Is tha...
    • βœ…1
     6 Β· 9 months ago
  • πŸ“forms
    File upload `unstable_parseMultipartFormData` vs `File`
    QzCurious 🌌 πŸš€:
    I'd like to ask why we want to use `unstable_parseMultipartFormData` at first place? It seems to me ...
    • βœ…1
     8 Β· 9 months ago
  • πŸ“forms
    Purpose of conform.fieldset() in the excercise
    blue_cat_blues 🌌 πŸš€:
    In the solution for Web forms 05/01 (complex structures/ nested objects) there is a call to `conform...
    • βœ…1
     4 Β· 9 months ago