Cross-Site Request Forgery

Learn about cross-site request forgery, same-site cookies, and using components with known vulnerabilities.

What is CSRF?

Cross-site request forgery (CSRF) used to be a bigger issue than it is now. These days, most web frameworks automatically include defenses against it. But a lot of old applications are out there. Some are vulnerable targets, while others can be used as stooges.

A CSRF attack starts on another site. An attacker uses a web page with JavaScript, ...