Blogory.org Cross-Site Request Forgery


Cross-Site Request Forgery


Cross-Site Request Forgery, CSRF (pronounced "sea surf"), or XSRF, is another trust-relationship problem, this time between users and Web apps.

CSRF is not a bug in itself: it relies on the normal behaviour of a web browser, which performs HTTP requests on its own.

Basically, for tags like IMG, the browser performs an HTTP GET request on the URL specified by the SRC attribute, leaving the user unaware of the request that was made. Even if the URL is not an image, the browser only shows a broken image, and depending on what is allowed (width/height, CSS properties) that broken image can be hidden. The server is still accessed either way. This means that a user can be made to call CGI scripts with GET parameters through img tags without noticing. A malicious image tag could force the user viewing it to do anything: update their profile, post messages, send emails, ... At any time you can get a user to send HTTP GET requests with that user's credentials to any website you want, which is particularly dangerous when the user is an administrator. The user executing the malicious request is of course authenticated by their own credentials (stored cookies).
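As an added example (not code from the original post or from the linked talk), here are the server-side checks that defeat the img-tag trick described above: a state change is refused on GET, a foreign Origin/Referer is refused, and a per-session synchronizer token that the attacker's page cannot read must be present. SITE_ORIGIN, the in-memory session store and the request shapes are assumptions for the demo.

```python
import hmac
import secrets

SITE_ORIGIN = "https://app.example"  # assumption: origin of the protected web app

# Per-session anti-CSRF tokens; a real app keeps these in its session store.
_session_tokens: dict[str, str] = {}


def issue_token(session_id: str) -> str:
    """Create and remember a fresh anti-CSRF token for a logged-in session."""
    token = secrets.token_urlsafe(32)
    _session_tokens[session_id] = token
    return token


def is_safe_state_change(method: str, headers: dict, form: dict,
                         session_id: str) -> tuple[bool, str]:
    """Decide whether a state-changing request (update profile, post a
    message, ...) may proceed. Returns (allowed, reason)."""
    # 1. An <img src=...> request is a GET that carries the victim's cookies but
    #    no form body: never let a GET change server-side state.
    if method.upper() != "POST":
        return False, "state changes require POST"
    # 2. Browsers attach Origin (or at least Referer) to cross-site POSTs;
    #    a missing or foreign value is refused (strict, fail-closed policy).
    origin = headers.get("Origin") or headers.get("Referer", "")
    if origin != SITE_ORIGIN and not origin.startswith(SITE_ORIGIN + "/"):
        return False, "origin mismatch"
    # 3. Synchronizer token: compared in constant time against the session's own.
    expected = _session_tokens.get(session_id)
    supplied = form.get("csrf_token", "")
    if expected is None or not hmac.compare_digest(expected, supplied):
        return False, "missing or invalid csrf token"
    return True, "ok"


if __name__ == "__main__":
    # Constructed requests: the img-tag GET, a legitimate form POST, a forged POST.
    sid = "session-123"
    tok = issue_token(sid)
    print(is_safe_state_change("GET", {"Cookie": f"sid={sid}"}, {}, sid))
    print(is_safe_state_change("POST", {"Origin": SITE_ORIGIN},
                               {"csrf_token": tok}, sid))
    print(is_safe_state_change("POST", {"Origin": "https://evil.example"},
                               {"csrf_token": tok}, sid))
```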

Link: http://julien.palard.fr/talks/csrf/node2.html
