CSRF: Cross-site request forgery or XSRF.. basically type of subtle attack that exploit the hole where a browser has already been authenticated - to send unauthorized command.
Unlinke XSS (Cross-site scripting), which exploits the trust of a user to website, CSRF exploits the trust of a web tie in a user's browser.
some preventive measure:
RequestPolicy Firefox extension.
NoScript Firefox extension
No comments:
Post a Comment