What is a CSRF token ? What is its importance and how does it work?

Question

I am writing an application (Django, it so happens) and I just want an idea of what actually a \"CSRF token\" is and how it protects the data. Is the post data not safe if y

Answer 1

The root of it all is to make sure that the requests are coming from the actual users of the site. A csrf token is generated for the forms and Must be tied to the user's sessions. It is used to send requests to the server, in which the token validates them. This is one way of protecting against csrf, another would be checking the referrer header.