views:

27

answers:

1

Let me first tell that I understand the concept of CSRF attacks. Now I wonder, are there benefits to placing tokens on a search form? I can't really think of anything myself.

+1  A: 

The only benefit I can think of is potentially preventing denial of service attacks if your searches were extremely computationally expensive and required authentication.

amdfan
I had the same though. E.g., if someone places an img an a popular site, then I would get massive amounts of expensive searhces
rFactor