Every edit operation must be accompanied by a token, which ensures the validity of the user request and protects against CSRF attacks.
每个编辑操作必须伴有一个令牌,这可确保用户请求的有效性,并抵御CSRF攻击。
2
The UML diagram in Figure 2 also shows the classes used for security bindings, supporting token assertions for operation policy subject and protection assertions for the message policy subject.