How to prevent CSRF in a RESTful application?

爱一瞬间的悲伤 2020-12-12 12:07

Cross Site Request Forgery (CSRF) is typically prevented with one of the following methods:

  • Check referer - RESTful but unreliable
  • insert token into for
6 answers
  •  北海茫月
    2020-12-12 12:21

    There are a few methods in the CSRF Prevention Cheat Sheet that can be used by a RESTful service. The most RESTful stateless CSRF mitigation is using the Origin or HTTP referer to make sure the requests originate from a domain you trust.
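
A server-side sketch of the Origin/Referer check described in the answer above, added here as an example and not part of the original post. The allowlist value, the function names, and the choice to reject state-changing requests that carry neither header are assumptions.

```python
from urllib.parse import urlsplit

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
DEFAULT_PORTS = {"http": 80, "https": 443}

# Assumed allowlist for this example; replace with the site's own origins.
TRUSTED_ORIGINS = {"https://app.example.com"}


def normalize_origin(url):
    """Return (scheme, host, port) for an Origin or Referer value, or None."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None  # covers "Origin: null" and non-HTTP schemes
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower(), port)


TRUSTED = {normalize_origin(o) for o in TRUSTED_ORIGINS}


def is_trusted_request(method, headers):
    """Apply the Origin/Referer check to one request."""
    if method.upper() in SAFE_METHODS:
        return True  # safe methods must not change state in a REST API
    hdrs = {k.lower(): v for k, v in headers.items()}
    # Prefer Origin; use Referer only when Origin is absent, so that
    # "Origin: null" cannot be bypassed by a plausible Referer.
    source = hdrs.get("origin") or hdrs.get("referer")
    if not source:
        return False  # assumption: strict mode, no header means reject
    # Compare the parsed (scheme, host, port) tuple exactly. Prefix or
    # substring matching would accept hosts such as
    # app.example.com.evil.test or userinfo tricks like
    # https://app.example.com@evil.test/.
    return normalize_origin(source) in TRUSTED
```
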
