CSRF: Verify token presence on necessary forms (Create, Update, Delete)
Check server-side token length validation
Ensure server checks for token parameter
Test server response to empty parameter and
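A server-side validator covering the checks listed above, as an added example that is not from the original page. The parameter name `csrf_token`, the 32-byte hex token and the dict-based session and form are assumptions; `naive_check` shows the weak comparison that accepts a request when both the parameter and the session token are absent.

```python
import hmac
import secrets

TOKEN_BYTES = 32                  # assumed size for this sketch
TOKEN_LEN = TOKEN_BYTES * 2       # length once hex-encoded
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}  # create/update/delete


def issue_token(session):
    """Generate a per-session token and keep the reference copy server-side."""
    session["csrf_token"] = secrets.token_hex(TOKEN_BYTES)
    return session["csrf_token"]


def naive_check(form, session):
    """Weak form: a missing parameter and a missing session token are both None."""
    return form.get("csrf_token") == session.get("csrf_token")


def check_csrf(method, form, session):
    """Return (allowed, reason); form is the parsed request body."""
    if method.upper() not in STATE_CHANGING:
        return True, "safe method"
    expected = session.get("csrf_token")
    if not expected:
        return False, "no token issued for session"
    if "csrf_token" not in form:
        return False, "parameter missing"
    supplied = form["csrf_token"]
    if not isinstance(supplied, str) or supplied == "":
        return False, "parameter empty"
    if len(supplied) != TOKEN_LEN:
        return False, "wrong length"
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return False, "token mismatch"
    return True, "ok"


def run_checklist():
    """Replay the checklist cases against a constructed session and forms."""
    session = {}
    token = issue_token(session)
    cases = {
        "valid": {"csrf_token": token},
        "missing": {"name": "x"},
        "empty": {"csrf_token": ""},
        "truncated": {"csrf_token": token[:8]},
        "other": {"csrf_token": secrets.token_hex(TOKEN_BYTES)},
    }
    return {name: check_csrf("POST", form, session) for name, form in cases.items()}
```
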
RatSec Blog