Cross-site request forgery

From Wiki @ Karl Jones dot com
Revision as of 09:45, 8 November 2016 by Karl Jones (Talk | contribs) (Created page with "'''Cross-site request forgery''', also known as '''one-click attack''' or '''session riding''' and abbreviated as '''CSRF''' (sometimes pronounced sea-surf) or '''XSRF''', is...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.

Comparison with cross-site scripting

Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.

See also

External links

Retrieved from "http://wiki.karljones.com/index.php?title=Cross-site_request_forgery&oldid=19604"