forms Preventing Cross-Site-Request-Forgery (CSRF ) Attacks While CSRF Token work perfectly good in preventing CSRF attacks, the implementation of these tokens is not a pleasant work. With the Cookie attribute SameSite:strict, CSRF protection just works almost anywhere.