Implemented Improve csrf_token to mitigate BREACH attacks


Well-known member
XenForo sites running on SSL/TLS may be subject to BREACH attacks. To mitigate the attack, one could improve the csrf_token generated by XenForo. Currently it consists of a random string of 40 characters. Instead, it is suggested to do the following:

The researchers who discovered the attack suggest mitigating it by "masking" secret tokens so they are different on each request. This implements their suggested masking approach from section 3.4 of the paper (PDF). The authenticity token is delivered as a 64-byte string, instead of a 32-byte string. The first 32 bytes are a one-time pad, and the second 32 are an XOR between the pad and the "real" CSRF token. The point is not to hide the token from the client, but to make sure it is different on every request so it's impossible for an attacker to recover by measuring compressability.