CSRF is an abbreviation for cross-site request forgery, where an attacker tricks a logged-in user's browser into silently performing an HTTP request to the website on that user's behalf.
An example of such an attack is inserting an invisible image tag with src pointing to http://example.com/site/logout. Even if the image tag is inserted in another website, you will be immediately logged out from example.com. The consequences of CSRF can be very serious: destroying website data, preventing all website users from logging in, exposing private data, and so on.
Some facts about CSRF:
As a CSRF request is performed by the victim user's browser, the attacker cannot normally change the HTTP headers that are sent. However, browser and Flash plugin vulnerabilities exist that allow an attacker to spoof headers, so we should not rely on headers alone.
The attacker has to pass the same parameters and values as the user normally would.
Considering these, a good method of dealing with CSRF is by...
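The two facts above are what a server-side check has to build on: the browser attaches the session cookie automatically, so the cookie alone proves nothing about who built the request, but the attacker must also supply every parameter the legitimate page would send. The following is an added example, not code from the original page: a simulated handler for the `/site/logout` URL used above, with a constructed in-memory session store, that rejects the invisible-image GET and a forged POST while accepting the form that example.com itself rendered. All names (`SESSIONS`, `handle_request`, `render_logout_form`) are assumptions made for this illustration.

```python
import hmac
import secrets

# Constructed in-memory session store: session id -> session data.
# In a real application this would be the server's session backend.
SESSIONS = {}


def new_session(user="alice"):
    """Log a user in and give the session its own secret token."""
    sid = secrets.token_hex(16)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_hex(32)}
    return sid


def render_logout_form(sid):
    """What the legitimate page on example.com embeds in its logout form.

    Only a page served to this browser by example.com can read the token,
    so only a request built from that page can carry it.
    """
    token = SESSIONS[sid]["csrf_token"]
    return {"action": "/site/logout", "method": "POST",
            "fields": {"csrf_token": token}}


def handle_request(method, path, cookies, params):
    """Simulated server handler; returns (status, message)."""
    session = SESSIONS.get(cookies.get("session"))
    if session is None:
        return 401, "not logged in"
    if path != "/site/logout":
        return 404, "not found"
    # An <img src=...> can only issue a GET; a state-changing action must not
    # be reachable that way at all.
    if method != "POST":
        return 405, "state-changing request must be POST"
    # Fact 2 from the text: the attacker has to supply the same parameters the
    # user would. A per-session secret they cannot read is the one parameter
    # they cannot supply. Constant-time compare avoids leaking it by timing.
    supplied = params.get("csrf_token", "")
    if not hmac.compare_digest(supplied, session["csrf_token"]):
        return 403, "CSRF token missing or invalid"
    del SESSIONS[cookies["session"]]
    return 200, "logged out"


def demo():
    """Replay the attack from the text against the handler, then a real logout."""
    sid = new_session()
    cookies = {"session": sid}  # the browser sends this on every request
    # Forged from another site: the cookie goes along, but the attacker can
    # only guess at the token parameter.
    forged_get = handle_request("GET", "/site/logout", cookies, {})
    forged_post = handle_request("POST", "/site/logout", cookies,
                                 {"csrf_token": "guess"})
    # Legitimate: the form rendered by example.com carried the token.
    form = render_logout_form(sid)
    legit = handle_request(form["method"], form["action"], cookies,
                           form["fields"])
    return forged_get, forged_post, legit


if __name__ == "__main__":
    for label, result in zip(("forged GET", "forged POST", "legitimate"), demo()):
        print(f"{label:12s} -> {result}")
```

The design choice worth noting is that the check never looks at a header: the text warns that header spoofing has been possible through browser and plugin bugs, so the decision rests only on a value the attacker's page cannot read.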