How it works...
When we send a request from a browser and already have a cookie belonging to the target domain stored, the browser will attach the cookie to the request before it is sent; this is what makes cookies so convenient as session identifiers, but this characteristic of how HTTP works is also what makes it vulnerable to an attack like the one we saw in this recipe.
When we load a page in the same browser where we have an active session in an application, even if it's a different tab or window, and this page makes a request to the domain where the session is initiated, the browser will automatically attach the session cookie to that request. If the server doesn't verify that the requests it receives actually originated from within ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access