For encrypting things that need to embed the anti-CSRF token for more security.
For encrypting things that need to embed the anti-CSRF token for more security. (For example when using with GET requests, which does not include the token.) Otherwise you should use SeriDeseri's to/fromSecureUrlSafeBase64 for shorter result.
SeriDeseri's to/fromSecureUrlSafeBase64 is for preventing a user to mess with his own data to cheat the server. CSRF is for preventing a user to fake other user's data.