173 reads

Glossary of Security Terms: CSRF

by Mozilla ContributorsAugust 22nd, 2020

Too Long; Didn't Read

CSRF (Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends unwanted commands. This can be done, for example, by including malicious parameters in a URL behind a link that purports to go somewhere else://www.example.com.com: For users who have some permissions on the website, the element will execute action on the site without their noticed. There are many ways to prevent CSRF, such as implement RESTful API, add secure token, etc.

Company Mentioned

featured image - Glossary of Security Terms: CSRF

CSRF (Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends a website unwanted commands. This can be done, for example, by including malicious parameters in a behind a link that purports to go somewhere else:

<img src="//www.example.com/index.php?action=delete&id=123">

For users who have some permissions on

//www.example.com

, the

<img>

element will execute action on

//www.example.com

without their noticed, even if the element is not at

//www.example.com

There are many ways to prevent CSRF, such as implement , add secure token, etc.

Learn more

General knowledge

on Wikipedia

View Previous Terms:

Credits

Source:
Published under Open CC Attribution ShareAlike 3.0 license

L O A D I N G
. . . comments & more!

About Author

Mozilla Contributors@mozilla

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

Read my stories About @mozilla

TOPICS

cybersecurity #data-protection #security-terms #mozilla #hackernoon-top-story #backend #web-development #mdn #security

THIS ARTICLE WAS FEATURED IN...

Terminal

Lite

Join HackerNoon

Latest technology trends. Customized Experience. Curated Stories. Publish Your Ideas