Sat, 04 Apr 2026 15:13:20 +0000 https://bugs.horde.org/ticket/4492 CSRF protection with form tokens Add CSRF protection to Horde_Form using Horde_Token: we should not only check for tokens submitted twice to protect against duplicate submissions, but also check if a token is submitted at all to protect agains POST attacks with form not created by ourselves. Thu, 05 Oct 2006 12:22:40 +0000 https://bugs.horde.org/ticket/4492#t24625 The token needs to be not just present, but valid. We'll need to give each form a unique id to track that sort of thing, and store the expected token for it either in the session or by something we can look up in Token (or other) storage. Thu, 05 Oct 2006 18:31:25 +0000 https://bugs.horde.org/ticket/4492#t24653 Done for Horde 3.2 Mon, 30 Jul 2007 02:43:16 +0000 https://bugs.horde.org/ticket/4492#t35519