What a Cross-Site Request Forgery Attack Is and How to Prevent It

https://dzone.com/articles/what-a-cross-site-request-forgery-attack-is-and-ho?utm_medium=feed&utm_source=feedpress.me&utm_campaign=Feed%3A+dzone

When you are browsing a website, it is typical for that website to request data from another website on your behalf. For example, in most cases, a video that is shown on a website is not typically stored on the website itself. The video appears to be on the website but it is actually being embedded from video streaming websites such as youtube.com. That’s how Content Delivery Networks (CDNs), which are used to deliver content faster, work. Many websites store scripts, images, and other bandwidth-hungry resources on CDNs, so when you are browsing them the images and script files are downloaded from a CDN source near you rather than from the website itself. While all the above use cases are necessary for a good browsing experience, they might also be a source of a security problem, because the website you are browsing can request your web browser to retrieve data from another website without your consent. If such requests are not handled correctly, an attacker can launch a Cross-Site Request Forgery attack.

0 views

Recent Posts

See All

ENABLING SMBS WITH TECHNOLOGY

Section 1: Market Overview Key Points Small and medium businesses (SMBs), typically defined as having fewer than 500 employees, are a major part of the U.S. economy. These firms represent 99.7% of the

Server SQL

IT OPTIMIZATION IS KEY TO DIGITAL TRANSFORMATION IDC Worldwide Database Server Forecast SQL Server 37% of all units run Microsoft, >50% of units run 2008/R2 or older2 Priorities • Eliminate time spent