How to Add Form Key in Magento 2
Magento's form keys serve as a safeguard against Cross Site Request Forgery, which refers to attempts to submit data to your forms from other websites while acting as you.
A spammer can create their own form and post to any form handler controller action in the Magento 2 store if the website is susceptible to an XSRF attack. The below-mentioned workaround enables a verification check on the form key parameter that is also included with the post, and it ignores any post that does not pass this test.
These resources are useful in demonstrating how to build a form key for use in a phtml file.
Comments
Post a Comment