diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/pyramid/csrf.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/pyramid/csrf.py b/src/pyramid/csrf.py index 26c628acc..9cd393376 100644 --- a/src/pyramid/csrf.py +++ b/src/pyramid/csrf.py @@ -97,9 +97,9 @@ class SessionCSRFStoragePolicy(object): class CookieCSRFStoragePolicy(object): """ An alternative CSRF implementation that stores its information in unauthenticated cookies, known as the 'Double Submit Cookie' method in the - `OWASP CSRF guidelines <https://www.owasp.org/index.php/ - Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet# - Double_Submit_Cookie>`_. This gives some additional flexibility with + `OWASP CSRF guidelines + <https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie>`_. + This gives some additional flexibility with regards to scaling as the tokens can be generated and verified by a front-end server. |