What is the primary defense mechanism against Cross-Site Request Forgery (CSRF) attacks?
-
A
Enforcing Content Security Policy (CSP) headers
-
B
Requiring HTTPS for all form submissions
-
C
Using anti-CSRF tokens (synchronizer token pattern)
-
D
Validating all form fields with server-side input validation