(Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends a website unwanted commands. This can be done, for example, by including malicious parameters in a behind a link that purports to go somewhere else: CSRF URL < =" :// / ? = & =123"> img src https www .example .com index .php action delete id For users who have some permissions on , the element will execute action on without their noticed, even if the element is not at . https://www.example.com <img> https://www.example.com https://www.example.com There are many ways to prevent CSRF, such as implement , add secure token, etc. RESTful API Learn more General knowledge on Wikipedia Cross-site request forgery Prevention measures MDN security tutorial View Previous Terms: Block cipher mode of operation Certificate authority Challenge-response authentication Cipher Cipher suite Ciphertext CORS CORS-safelisted request header CORS-safelisted response header Cross-site scripting Cryptanalysis Cryptographic hash function Cryptography CSP Decryption Digital certificate DTLS (Datagram Transport Layer Security) Encryption Forbidden header name Forbidden response header name Hash HMAC HPKP HSTS HTTPS Key MitM OWASP Preflight request Public-key cryptography Reporting directive Robots.txt Same-origin policy Session Hijacking SQL Injection Symmetric-key cryptography TOFU Transport Layer Security (TLS) Credits Source: https://developer.mozilla.org/en-US/docs/Glossary/CSRF Published under license Open CC Attribution ShareAlike 3.0

Mozilla

Glossary of Security Terms: CSRF

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

A Quick Introduction to the Resize Observer API

10 Cool CI/CD Tools For Your Project

27 Stories To Learn About Ssl

20 Essential Backend Tools For Developers

3 Most Common Ways to Connect your Node and React Applications

369 Stories To Learn About Database

A Quick Introduction to the Resize Observer API

10 Cool CI/CD Tools For Your Project

27 Stories To Learn About Ssl

20 Essential Backend Tools For Developers

3 Most Common Ways to Connect your Node and React Applications

369 Stories To Learn About Database

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps