From 6d7313bc870b0a37287dc7e3b30b1b5583c9ef0e Mon Sep 17 00:00:00 2001
From: Tim Schilling <schillingt@better-simple.com>
Date: Wed, 22 Nov 2023 22:27:30 -0600
Subject: [PATCH] [4.2.x] Fixed #34990 -- Changed link to OWASP in CSRF docs.

The OWASP site is the standard resource for web application
security information.
Backport of aceee39d44994df20d13104e55ae61845d7a1e95 from main
---
 docs/ref/csrf.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index 67ae387692..165402d997 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -18,7 +18,7 @@ The first defense against CSRF attacks is to ensure that GET requests (and other
 Requests via 'unsafe' methods, such as POST, PUT, and DELETE, can then be
 protected by the steps outlined in :ref:`using-csrf`.
 
-.. _Cross Site Request Forgeries: https://www.squarefree.com/securitytips/web-developers.html#CSRF
+.. _Cross Site Request Forgeries: https://owasp.org/www-community/attacks/csrf#overview
 
 .. _how-csrf-works: