Each time a customer challenges a request, the server-facet element have to confirm the existence and validity from the token in that request and Look at it on the token present in the consumer session. Both equally the synchronizer token and the double-submit cookie are applied to prevent forgery https://casesolution92019.blogocial.com/an-unbiased-view-of-hbr-case-solution-73430347