• Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type...
    30 KB (3,709 words) - 02:50, 30 June 2025
  • HTTP cookie (redirect from Same-site cookie)
    to the website to which the cookie belongs (see cross-site scripting and cross-site request forgery for examples). Tracking cookies, and especially third-party...
    93 KB (10,944 words) - 02:30, 24 June 2025
  • JSONP
    with malicious data. Naive deployments of JSONP are subject to cross-site request forgery (CSRF or XSRF) attacks. Because the HTML <script> element does...
    16 KB (1,770 words) - 01:30, 16 April 2025
  • otherwise not be directly accessible to the attacker. Similar to cross-site request forgery which utilizes a web client, for example, a web browser, within...
    2 KB (216 words) - 11:28, 19 March 2025
  • List of HTTP header fields
    January 19, 2014. "SAP Cross-Site Request Forgery Protection". SAP SE. Retrieved January 20, 2015. "Django Cross Site Request Forgery protection". Django...
    53 KB (2,491 words) - 11:13, 9 July 2025
  • program's own permission to access the file is used implicitly. A cross-site request forgery (CSRF) is an example of a confused deputy attack that uses the...
    9 KB (1,220 words) - 07:22, 25 May 2025
  • cross-application request forgery (CARF) is the equivalent of cross-site request forgery (CSRF) in desktop applications. In CARF the concept of “link”...
    3 KB (459 words) - 16:29, 20 June 2025
  • solved to a great extent. This technique is also useful against cross-site request forgery attacks. The session identifier on most modern systems is stored...
    18 KB (2,600 words) - 13:26, 28 June 2025
  • common vulnerabilities, including SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Authentication and authorization mechanisms...
    39 KB (4,701 words) - 20:31, 1 July 2025
  • Cross-site may refer to the following network security exploits: Cross-site cooking Cross-site request forgery Cross-site scripting Cross-site tracing...
    194 bytes (55 words) - 04:12, 28 December 2019
  • JavaScript (category Cross-platform software)
    browser authors. Another cross-site vulnerability is cross-site request forgery (CSRF). In CSRF, code on an attacker's site tricks the victim's browser...
    84 KB (7,917 words) - 17:43, 27 June 2025
  • World Wide Web
    to the website to which the cookie belongs (see cross-site scripting and cross-site request forgery for examples). Tracking cookies, and especially third-party...
    106 KB (10,531 words) - 01:13, 21 July 2025
  • subdomains rather than port numbers. Cross-origin resource sharing Cross-site scripting Cross-site request forgery Site isolation Content Security Policy...
    19 KB (2,176 words) - 14:38, 13 July 2025
  • to foil BREACH in individual attack scenarios, such as using cross-site request forgery (CSRF) protection. Another suggested approach is to disable HTTP...
    6 KB (701 words) - 09:02, 9 October 2024
  • XSLT—eXtensible Stylesheet Language Transformations XSRF—Cross-site request forgery XSS—Cross-Site Scripting XTACACS—eXtended Terminal Access Controller...
    111 KB (7,901 words) - 06:38, 22 July 2025
  • Hiawatha (web server) (category Cross-platform free software)
    v8.6) Hiawatha aimed to prevent SQL-injection, cross-site scripting (XSS), Cross-site request forgery (CSRF), and denial-of-service attacks. It allowed...
    9 KB (776 words) - 01:59, 4 May 2025
  • however, chaining it with a cross-site request forgery vulnerability escalates its impact to that of typical cross-site-scripting. In the past, a very...
    6 KB (552 words) - 11:28, 16 April 2025
  • users, potentially leading to session hijacking or data theft. Cross-Site Request Forgery (CSRF): Attackers trick users into performing actions they did...
    18 KB (1,951 words) - 07:23, 26 June 2025
  • open redirections by overwriting the window.location attribute, cross-site request forgery, or even gain arbitrary code execution via careful manipulation...
    15 KB (1,734 words) - 05:56, 8 April 2024
  • only be set by the browser. Cross origin resource sharing Same origin policy Cross-site scripting Cross-site request forgery While there are other possible...
    65 KB (7,518 words) - 03:17, 7 June 2025
  • Cross-site cooking
    Cross-site cooking is similar in concept to cross-site scripting, cross-site request forgery, cross-site tracing, cross-zone scripting etc., in that it involves...
    3 KB (379 words) - 16:05, 31 March 2025
  • WebSocket
    connection establishment, to avoid cross-site WebSocket hijacking attacks (similar to cross-site request forgery), which might be possible when the connection...
    55 KB (3,975 words) - 12:36, 18 July 2025
  • Presto layout engines. Cross-site scripting Cross-site request forgery Same-origin policy Cross-origin resource sharing JSONP Cross-Document Messaging –...
    7 KB (681 words) - 23:29, 18 November 2024
  • concerns such as phishing, credit card handling, session fixation, cross-site request forgeries, compliance, and privacy issues. OWASP Testing Guide: The OWASP...
    18 KB (1,601 words) - 20:20, 10 July 2025
  • examples of security exploits are SQL injection, cross-site scripting and cross-site request forgery which abuse security holes that may result from substandard...
    55 KB (5,962 words) - 03:26, 11 June 2025
  • might be able to take over the entire server. Cross-site request forgery (CSRF) is creating client requests that do malicious actions, such as an attacker...
    27 KB (3,333 words) - 03:19, 9 June 2025
  • Django (web framework)
    applications tools for generating Sitemaps built-in mitigation for cross-site request forgery, cross-site scripting, SQL injection, password cracking and other typical...
    38 KB (2,560 words) - 14:40, 20 July 2025
  • this will not protect against attacks such as Firesheep. ArpON Cross-site request forgery HTTP cookie TCP sequence prediction attack Bugliesi, Michele;...
    17 KB (1,972 words) - 05:54, 31 May 2025
  • default of all cookies to having a SameSite=lax attribute which helps defend against Cross-Site Request Forgery (CSRF) attacks, the selection of printing...
    233 KB (25,632 words) - 01:17, 1 July 2025
  • Adobe Flash Player (category Proprietary cross-platform software)
    cross-site request forgery, cross-site scripting, DNS rebinding, and denial-of-service attacks. Websites must host a certain XML file termed a cross domain...
    137 KB (13,067 words) - 20:49, 8 July 2025