I'd like to know what status http
I should return in my application if someone is trying to forge a request via form.
The application I developed is done in Laravel 4
and I'm using that CSRF_TOKEN
.
The CSRF_TOKEN
is intended to be able to preface attacks from Cross-Site Request Forgery .
Would it be correct to use some of the methods such as 400 - Bad Request
, 503 - internal server error
, or 403 - unauthorized access
, if there is a forged request attempt? Or simply, should I not return any% w / o% or error?