Chapter 2. Cross-Site Request Forgery

Information in this Chapter

  • Understanding Cross-Site Request Forgery
  • Employing Countermeasures

Imagine standing at the edge of a field, prepared to sprint across it. Now, imagine your hesitation knowing the field, peppered with wildflowers under a clear, blue sky, is also strewn with hidden mines. The consequences of a misstep would be dire and gruesome. Browsing the Web carries a similar risk: while obviously not hazardous to life and limb, it still poses a threat to the security of your personal information.

How often do you forward a copy of all your incoming e-mails, including password resets and private documents, to a stranger? In September 2007, a security researcher demonstrated ...
