DEV Community

Cover image for CSRF attack
Mohammad Reza
Mohammad Reza

Posted on

CSRF attack

#security #csrf #attack #owasp

What is CSRF

CSRF attacks are also known by a number of other names, including XSRF, “Sea Surf”, Session Riding, Cross-Site Reference Forgery, and Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and many places in their online documentation.
Alt Text

How to Prevent Cross-Site Request Forgery Attacks

Just add somethings that attacker doesn't know
An attacker can launch a CSRF attack when he knows which parameters and value combination are being used in a form. Therefore, by adding an additional parameter with a value that is unknown to the attacker and can be validated by the server, you can prevent CSRF attacks. Below is a list of some of the methods you can use to block cross-site request forgery attacks.

Top comments (0)

Read next

petrussola profile image

Steps to fix package security vulnerabilities in your JS project

Pere Sola -

codewithshahan profile image

Add Passwordless Facial Authentication on Your Website! (FACEIO)

Programming with Shahan -

ekirigwe profile image

SAST, DAST, and IAST: Approaches to Testing Application Security

Samuel Ekirigwe -

lukehinds profile image

Understanding SafeTensors: A Secure Alternative to Pickle for ML Models

Luke Hinds -