/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

blog.doyensec.com
| | bogs.io
2.8 parsecs away

Travel
| | CSRF stands for Cross-Site Request Forgery and is one of the most "popular" web application vulnerabilities
| | statuscode.ch
2.8 parsecs away

Travel
| | We're constantly working on adding more security features and hardenings to Nextcloud, after all it's your data and it has to be protected properly. While the Nextcloud 9 release fixes a critical security issue (we have informed upstream about this but in the meanwhile recommend upgrading as soon as possible) it also adds another new...
| | www.vlent.nl
2.3 parsecs away

Travel
| | [AI summary] The article explains that Django's Cross-site request forgery (CSRF) protection relies on a 'Double Submit Cookie' mechanism requiring both a cookie and a form parameter, and demonstrates how the validation works and why it prevents malicious requests.
| | mathieu.fenniak.net
5.7 parsecs away

Travel
| Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank: