Monday, August 3, 2009

CSRF often pronounced "sea surf"

CSRF: cross-site request forgery, also written XSRF. It is a subtle type of attack that exploits the fact that a browser has already been authenticated to a website, and uses that browser to send unauthorized commands.

Unlike XSS (cross-site scripting), which exploits the trust a user has in a website, CSRF exploits the trust a website has in a user's browser.

Some preventive measures:

RequestPolicy Firefox extension

NoScript Firefox extension
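
A simplified model of the default-deny cross-site request check that a browser-side filter such as RequestPolicy applies, added here as an example (it is not code from RequestPolicy or from the original post). The `siteOf` and `decide` helpers, the allowlist shape and all hostnames are assumptions made for illustration.

```javascript
// Simplified model of a default-deny cross-site request policy.
// Assumption: "site" = last two hostname labels; real tools consult the
// Public Suffix List so that suffixes such as co.uk are handled correctly.
function siteOf(url) {
  const host = new URL(url).hostname.toLowerCase();
  // IP literals have no registrable domain: compare them whole.
  if (/^\d+(\.\d+){3}$/.test(host) || host.includes(":")) return host;
  return host.split(".").slice(-2).join(".");
}

// pageUrl: the page that triggered the request; requestUrl: where it goes.
// allowlist entries (hypothetical shape): { from: site | "*", to: site | "*" }
function decide(pageUrl, requestUrl, allowlist = []) {
  let from, to;
  try {
    from = siteOf(pageUrl);
    to = siteOf(requestUrl);
  } catch (e) {
    return { allow: false, reason: "unparseable URL, failing closed" };
  }
  if (from === to) return { allow: true, reason: "same-site" };
  const rule = allowlist.find(
    (r) => (r.from === "*" || r.from === from) && (r.to === "*" || r.to === to)
  );
  return rule
    ? { allow: true, reason: `allowlisted ${rule.from} -> ${rule.to}` }
    : { allow: false, reason: `cross-site ${from} -> ${to} blocked` };
}

// Constructed sample requests (all hostnames are placeholders).
const allowlist = [{ from: "example.com", to: "example-cdn.net" }];
const samples = [
  // The bank's own page submitting its own form.
  ["https://www.bank.example.com/account", "https://bank.example.com/transfer"],
  // The bank's page loading a script from its allowlisted CDN.
  ["https://bank.example.com/", "https://static.example-cdn.net/app.js"],
  // A page on another site submitting to the bank: the CSRF pattern.
  ["https://forum.example.net/thread/1", "https://bank.example.com/transfer"],
];
for (const [page, url] of samples) {
  const d = decide(page, url, allowlist);
  console.log(`${d.allow ? "ALLOW" : "BLOCK"} ${page} -> ${url} (${d.reason})`);
}
```

Because the third request is stopped in the browser, the authenticated session the site trusts is never attached to a request the user did not intend.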



