Too Long; Didn't Read
In this article, we will discuss the attack methods that make your Rails app vulnerable to Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) exploits. CSRF occurs in an authenticated session, where there is existing trust between the browser and the server. XSS is a form of injection attack that doesn't require authentication; it happens when the proper measures were not taken on the backend to validate or escape input values. This form of attack gives the attacker direct access to all elements on the page.
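The two defences described above, as an added example in plain Ruby (standard library only; not code from the article or from Rails): escaping input before it is rendered, and requiring a per-session token on state-changing requests. The helper names, the `session` hash and the sample comment are assumptions made for illustration; in a Rails app the built-in view escaping and `protect_from_forgery` do this work.

```ruby
require "erb"
require "securerandom"

# Constructed sample input: a comment body carrying markup (not from the article).
SAMPLE_COMMENT = "<script>alert(1)</script>"

# Plain ERB does no escaping, like calling raw/html_safe on user input in a Rails view.
def render_unescaped(comment)
  ERB.new("<p><%= comment %></p>").result(binding)
end

# Escaping turns the markup into inert text before it reaches the page.
def render_escaped(comment)
  ERB.new("<p><%= ERB::Util.html_escape(comment) %></p>").result(binding)
end

# Store a random token in the server-side session and return it for embedding in forms.
def issue_csrf_token(session)
  session[:csrf_token] ||= SecureRandom.base64(32)
end

# Constant-time comparison so the check does not leak how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# The session cookie proves which browser is calling, not that the user meant to
# send this request, so a state-changing request must also carry the session's token.
def state_change_allowed?(session, submitted_token)
  expected = session[:csrf_token]
  return false if expected.nil? || submitted_token.nil?
  secure_equal?(expected, submitted_token)
end

if __FILE__ == $PROGRAM_NAME
  session = { user_id: 1 }                     # hypothetical logged-in session
  token = issue_csrf_token(session)
  puts render_unescaped(SAMPLE_COMMENT)        # markup reaches the page intact
  puts render_escaped(SAMPLE_COMMENT)          # markup rendered as text
  puts state_change_allowed?(session, token)   # form rendered by the app itself
  puts state_change_allowed?(session, nil)     # request carrying only the cookie
end
```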