Security of ActFramework CORS CSRF Configuration: CSRF: enable global CSRF CSRF_COOKIE_NAME Csrf-token CSRF_HEADER_NAME X-Csrf-Token CSRF_PARAM_NAME _csrf CSRF token will get refreshed on login Referemce https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet https://seclab.stanford.edu/websec/csrf/csrf.pdf