Explore >> Select a destination
|
You are here 
|
www.sjoerdlangkemper.nl | ||
| | | | |
bad-neighborhood.blogsblogsblogs.com
|
|
| | | | | ||
| | | | |
introvertmac.wordpress.com
|
|
| | | | | What is CSRF ? "Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts." - Wikipedia CSRF is at 8th position in OWASP... | |
| | | | |
mathieu.fenniak.net
|
|
| | | | | Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank: | |
| | | | |
lisp-journey.gitlab.io
|
|
| | | A short post to show the usefulness of Hunchentoot-errors and to thank Mariano again.This library adds the current request and session data to your stacktrace, either in the REPL (base case) or in the browser.TLDR;Use it like this:;; (ql:quickload "hunchentoot-errors) ;; ;; We also use easy-routes: (ql:quickload "easy-routes") (defclass acceptor (easy-routes:easy-routes-acceptor hunchentoot-errors:errors-acceptor) () (:documentation "Our Hunchentoot acceptor that uses easy-routes and hunchentoot-errors, ... | ||
