Seven Deadliest Web Application Attacks by Mike Shema

Understanding Cross-Site Request Forgery

Hypertext Transfer Protocol (HTTP) transfers discrete information between the Web server and the browser. This information could be an authentication request for a login form, a search for the word “doughnut,” or reading an e-mail message. Popular Web sites handle dozens to hundreds of requests per second. Cross-site request forgery (CSRF) exploits assumptions that underpin how Web pages are put together and Web sites are expected to work. This subtle aspect highlights how pervasive such attacks can be and the relative difficulty in blocking them effectively. While a CSRF attack might carry some telltale signatures (it rarely does), the faint fingerprints are nothing like the blaring klaxons of malicious ...
