Explore >> Select a destination
|
You are here 
|
www.kencochrane.com | ||
| | | | |
bogs.io
|
|
| | | | | CSRF stands for Cross-Site Request Forgery and is one of the most "popular" web application vulnerabilities | |
| | | | |
mathieu.fenniak.net
|
|
| | | | | Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank: | |
| | | | |
jinyuz.dev
|
|
| | | | | Often, I forget how to display the raw SQL of a queryset in Django. This is a quick and easy example of how to do it from django.contrib.auth.models import User qs = User.objects.all() print(qs.query) SELECT "auth_user"."id", "auth_user"."password", "auth_user"."last_login", "auth_user"."is_superuser", "auth_user"."username", "auth_user"."first_name", "auth_user"."last_name", "auth_user"."email", "auth_user"."is_staff", "auth_user"."is_active", "auth_user"."date_joined" FROM "auth_user" | |
| | | | |
demo.tagdiv.com
|
|
| | | |||
