to prevent CSRF I want to implement the Synchronizer Token Pattern in my classic

Question

0

Asked: May 23, 20262026-05-23T08:45:50+00:00 2026-05-23T08:45:50+00:00

to prevent CSRF I want to implement the Synchronizer Token Pattern in my classic

0

to prevent CSRF I want to implement the Synchronizer Token Pattern in my classic asp application.

I understand that iIshould generate a token in session_onstart. What I do not get is how to generate such a token as it should be random and unique. So a simple Rnd() and randomize will not work, right?

Furthermore should it be hashed in any way? How?

Thanks for any hints…

Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T08:45:51+00:00

Editorial Team

2026-05-23T08:45:51+00:00Added an answer on May 23, 2026 at 8:45 am

You could use a GUID as token:-

Function GetGUID()

    GetGUID = CreateObject("Scriptlet.TypeLib").GUID 

End Function

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

to prevent CSRF I want to implement the Synchronizer Token Pattern in my classic

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply