Formidable Forms Community Site

The Community forums are being phased out in favor of a new Slack group.
Add your email address below to get an invitation to join the community slack group

Slack Signup
Newsletter Optin
Help Desk
Subscribe

CSRF protection

Labels

This Discussion is public

Notifications

I have a website using Formidable forms that has an extensive security protocol to check before launching. In the check they discovered a form without CSRF protection. I've searched everywhere trying to find a solution but have not found any.

Has anyone encountered this or know of a possible way to correct this issue?

Is there way to attach a anti-CSRF token?

Is there any evidence that this shouldn't be an issue using Formidable Forms?

Are you certain it's a Formidable form? Formidable use the POST method for transferring data, so by definition it is CSRF protected. If the form in question is using the GET method, it is not a Formidable form and is not CSRF protected.

You can examine the site's source code in the browser for the form's submit method.

<form method="post">

Discussion closed.