CSRF
A CSRF attack is a bit similar to an XSS attack. Let's use an analogy to simplify our explanation of CSRF attacks. Imagine a user, Bob, who opens his web browser and logs in to his banking customer portal to perform some online transactions on his account. Bob has used his user credentials on his bank's web portal; the web application/server verifies that the user is Bob and automatically trusts his computer as the device communicating with the web server.
However, Bob also opens a new tab in the same browser to visit another website while maintaining an active session with the bank's web portal (trusted site). Bob doesn't suspect that the new website he visits contains malicious code, which is then executed in the background on Bob's ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access