Difference between revisions of "Cross-site request forgery"

From Wiki @ Karl Jones dot com
Jump to: navigation, search
(Created page with "'''Cross-site request forgery''', also known as '''one-click attack''' or '''session riding''' and abbreviated as '''CSRF''' (sometimes pronounced sea-surf) or '''XSRF''', is...")
(No difference)

Revision as of 09:45, 8 November 2016

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.

Comparison with cross-site scripting

Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.

See also

External links