• log out


Web apps are often vulnerable to Cross-Site Request Forgery attacks, which occur when a different website initiates a request to your web app server while the user is logged in. Because your app receives the right cookies, it executes the request and returns some output. To prevent this, Qbix saves a nonce value in the session, which most

talk about the Q_Valid::nonce, etc.