Tweet

Cross Site Request Forgery (CSRF)

A Cross-site request forgery hole is when a malicious site can cause a visitor's browser to make a request to your server
that causes a change on the server. The server thinks that because the request comes with the user's cookies, the user wanted to submit that form. CSRF This type of attack occurs when a malicious Web site contains a link, a form button or some javascript that is intended to perform some action on your Web site, using the credentials of a logged-in user who visits the malicious site in their browser

Click Jack Demo




			Preventing CSRF
=======================
Develop POST Request for Application data
Generate CSRF Token