
Cross-Site Request Forgery (CSRF)

Web Security Vulnerabilities, Session Management, Attack Prevention Techniques, User Authentication, Real-World Cyber Threats

Cross-Site Request Forgery (CSRF) is a web security vulnerability in which an attacker causes an authenticated user's browser to send a state-changing request to a web application the user is logged into, without the user intending it. The attack exploits the fact that the browser automatically attaches the user's credentials (session cookies, HTTP Basic auth) to every request for that site, regardless of which page caused the request, so the application cannot tell a forged request from a legitimate one by the credentials alone.

Key Points

  • CSRF attacks target users who are currently authenticated to the vulnerable application.
  • The attacker crafts a request (typically an auto-submitting HTML form, a hidden image or a script on a page the attacker controls) that the user's browser sends to the vulnerable application with the user's cookies attached.
  • Prevention methods include anti-CSRF tokens that the attacker cannot obtain, re-authentication for sensitive actions, and validation of the Origin or Referer header; tokens are the primary control, and header checks are a supplementary defence because those headers are not always present.

How CSRF Attacks Work

CSRF attacks exploit the trust a web application places in requests that arrive with a valid session cookie. The attacker never sees the victim's credentials; the victim's own browser supplies them, so the attacker only needs to make that browser issue the right request.

Steps of a CSRF Attack

  1. User Authentication: The user logs into a web application and receives a session cookie, which the browser will attach to every subsequent request to that site.
  2. Malicious Request: While the session is still valid, the attacker lures the user to a page or message the attacker controls. That content instructs the browser to send a request to the vulnerable application (for example by auto-submitting a form whose action is the application's "delete post" endpoint), and the browser attaches the session cookie as usual.
  3. Unintended Action: The application sees a well-formed request carrying a valid session cookie and processes it. Nothing in the request distinguishes it from one the user made deliberately, so the action is carried out with the user's privileges.

Prevention Techniques

Anti-CSRF Tokens

Include an unpredictable, per-session (or per-request) token in every state-changing request, and have the server reject any request whose token is missing or does not match the value stored for that session. The token is typically embedded in forms as a hidden field or sent in a custom header by client-side code. This works because the same-origin policy prevents an attacker's page from reading the token out of the victim's session, so a forged request cannot carry a valid one. The token must be generated with a cryptographically secure random source and compared in constant time.
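The attack steps above and the token check in this section, as one added example that is not code from the original page. It models the forum server as a pair of request handlers: the vulnerable one trusts the session cookie alone, the hardened one also requires a synchronizer token stored server side. The in-memory session store, the post table, the Request class and the attacker's HTML page are all constructed for the example.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed in-memory session store (session id -> session data) standing in
# for the server-side session backend, and a constructed post table.
SESSIONS = {
    "alice-session": {"user": "alice", "role": "admin"},
}
POSTS = {42: "spam post"}


@dataclass
class Request:
    """Minimal model of an incoming HTTP request (constructed for this example)."""
    method: str
    path: str
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


def current_session(req):
    """Resolve the session from the cookie the browser attached automatically."""
    return SESSIONS.get(req.cookies.get("session"))


# --- Vulnerable handler: a valid session cookie is the only check -----------
def delete_post_vulnerable(req, posts):
    sess = current_session(req)
    if req.method != "POST" or sess is None:
        return 403
    posts.pop(int(req.form["post_id"]), None)
    return 200


# --- Hardened handler: synchronizer token bound to the session --------------
def issue_csrf_token(session_id):
    """Generate a random per-session token and store it server side.

    The server embeds this value as a hidden field in every form it renders."""
    token = secrets.token_urlsafe(32)
    SESSIONS[session_id]["csrf"] = token
    return token


def delete_post_protected(req, posts):
    sess = current_session(req)
    if req.method != "POST" or sess is None:
        return 403
    expected = sess.get("csrf")
    supplied = req.form.get("csrf_token", "")
    # Reject a missing or mismatched token; compare in constant time.
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return 403
    posts.pop(int(req.form["post_id"]), None)
    return 200


# The attacker's page (constructed). Alice's browser submits this form on
# load and attaches her forum session cookie. The attacker's page cannot read
# the token out of Alice's session, so the form cannot include it.
ATTACKER_HTML = """
<form id="f" action="https://forum.example/admin/delete_post" method="POST">
  <input type="hidden" name="post_id" value="42">
</form>
<script>document.getElementById("f").submit();</script>
"""


def forged_request():
    """What the forum server sees when Alice's browser submits ATTACKER_HTML."""
    return Request("POST", "/admin/delete_post",
                   cookies={"session": "alice-session"},
                   form={"post_id": "42"})


def legitimate_request(token):
    """The same action submitted from a form the forum itself rendered."""
    return Request("POST", "/admin/delete_post",
                   cookies={"session": "alice-session"},
                   form={"post_id": "42", "csrf_token": token})


def demo():
    """Run the forged request against both handlers; returns the outcomes."""
    posts = dict(POSTS)
    vuln_status = delete_post_vulnerable(forged_request(), posts)
    vuln_deleted = 42 not in posts

    posts = dict(POSTS)
    token = issue_csrf_token("alice-session")
    forged_status = delete_post_protected(forged_request(), posts)
    forged_deleted = 42 not in posts
    legit_status = delete_post_protected(legitimate_request(token), posts)
    legit_deleted = 42 not in posts
    return (vuln_status, vuln_deleted,
            forged_status, forged_deleted,
            legit_status, legit_deleted)


if __name__ == "__main__":
    print(demo())
```

The vulnerable handler deletes the post on the forged request because the cookie the browser attached is all it checks. The protected handler refuses the same request with 403 and still accepts the request that carries the session's token. Note that the handlers also refuse anything other than POST: a state-changing endpoint reachable by GET can be triggered by a plain image tag, which is harder to defend than a form.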

Re-authentication

Require users to re-authenticate for sensitive actions. This adds an extra layer of security by confirming the user's identity before performing critical operations.

HTTP Referer Header Validation

Check the Origin header (sent by browsers on cross-origin requests and on POST) and, failing that, the Referer header, to confirm that the request was initiated from one of the application's own origins. Compare the parsed scheme and host against an allow-list; a substring match on the raw header is a classic mistake, since an attacker can register a host such as trusted-site.example.attacker.test or place the trusted name in the URL path. Both headers can be absent (privacy extensions and a restrictive Referrer-Policy strip them), so the application must decide explicitly whether a missing header is rejected, which is the safe default for state-changing requests. Treat this as a supplementary check alongside tokens, not a replacement for them.
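An Origin/Referer check written the way the paragraph above describes, as an added example (not code from the original page). It parses the header into an origin before comparing, prefers Origin over Referer, and treats a missing header as a decision the caller makes explicitly. The trusted-origin set and the header dictionaries are constructed for the example; header names are assumed to arrive in canonical casing.

```python
from urllib.parse import urlsplit

# Constructed allow-list of the origins this application serves from.
# Entries are scheme://host, which is what the check compares against.
TRUSTED_ORIGINS = {"https://forum.example", "https://admin.forum.example"}


def origin_of(url):
    """Return the lower-cased scheme://host[:port] of a URL, or None if it
    is not a parseable http(s) URL. Parsing first is what defeats
    'trusted.example.attacker.test' and 'https://attacker.test/trusted.example'."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def request_origin_allowed(headers, allow_missing=False):
    """Decide whether a state-changing request came from a trusted origin.

    Returns (allowed, which_header_decided). Origin is checked first because
    it is sent on cross-origin requests even when Referer is stripped; the
    literal value "null" (opaque origins, sandboxed frames) parses to None
    and is therefore rejected."""
    origin = headers.get("Origin")
    if origin is not None:
        return (origin_of(origin) in TRUSTED_ORIGINS, "origin")
    referer = headers.get("Referer")
    if referer is not None:
        return (origin_of(referer) in TRUSTED_ORIGINS, "referer")
    # Neither header present. Privacy tooling and Referrer-Policy can strip
    # both, so the application must choose; default deny for state changes.
    return (allow_missing, "missing")


if __name__ == "__main__":
    for h in ({"Origin": "https://forum.example"},
              {"Referer": "https://forum.example.attacker.test/"},
              {"Referer": "https://attacker.test/https://forum.example"},
              {"Origin": "null"},
              {}):
        print(h, request_origin_allowed(h))
```

The two attacker-shaped Referer values are the cases a substring check would wrongly accept; parsing reduces them to the origins attacker.test and forum.example.attacker.test, neither of which is on the allow-list.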

Practical Example

Alice, a forum admin, receives a message from Malorie that contains a hidden request targeting the forum's "delete post" endpoint, for example an image tag whose src is the delete URL, or an auto-submitting form. When Alice views the message while logged in, her browser sends the delete request with her session cookie attached and the forum deletes the post. Alice sees nothing unusual; the request was made by her own browser using her own session. The forum is vulnerable because the endpoint accepts the request on the strength of the cookie alone and, if it acts on GET, can be triggered by something as passive as loading an image.

Real-World Application

CSRF attacks can be used to perform any state-changing action the victim is authorized to perform: transferring funds, changing an account's email address or password, altering privacy settings, or posting content, on applications such as online banking and social media platforms. Read-only actions are generally not affected, since the attacker's page cannot read the response to the forged request.

Key Takeaways

  • CSRF exploits the trust a web application places in a request that carries a valid session cookie, because the browser attaches that cookie automatically regardless of which page initiated the request.
  • Prevention centres on anti-CSRF tokens that an attacker's page cannot obtain, supported by Origin/Referer validation, re-authentication for critical actions, and keeping state-changing operations off GET.
  • Users can reduce their exposure by logging out of sensitive accounts when not in use, since a forged request only succeeds while the session is valid.
