Jesus_Rodrigue2
Oct 01, 2014Nimbostratus
ASM CSRF Expiration Time token
Hello
I have recently implemented CSRF protection on few web based applications, so far so good but now I would like to enable expiration-time on the token so that it will be renewed every x seconds . What do you think is a good value for the expiration time? 1s, 10 s , 120 s ? Ideally it would be great to get it renewed every request but there is no such option so I am wondering if it is safe to set it up to 10s
Many thanks