Chapter 9 Spring Security CSRF defense
Spring Security enables CSRF defense by default.
What is CSRF
CSRF (cross-site request forgery) is a forged cross-site request sent through the user's browser. An attacker can induce users to perform actions they did not intend, which allows the attacker to partially bypass the same-origin policy.
For example, after the user logs in to system A, the user can modify his mailbox, and then the browse ...
Posted by upnxwood16 on Fri, 22 Oct 2021 17:44:39 -0700
CSRF of Pikachu vulnerability range series
Summary
CSRF is the abbreviation of Cross-Site Request Forgery, and its Chinese name is cross domain request forgery. In a CSRF attack scenario, the attacker forges a request (usually a link) and deceives the target user into clicking it. Once the user clicks the request, the attack is complete. Therefore, a CSRF attack is also called & ...
Posted by gtomescu on Fri, 10 Sep 2021 18:33:50 -0700