csrf-protection
Prevent CSRF on things which aren't part of forms in CodeIgniter
I know that CodeIgniter has a very useful security class which can prevent CSRF/XSRF if you use the form helpers, but since the CI URL structure calls a lot of functions pretty much directly, how can [Details]
2023-03-26 13:16 Category: Q&A
Are we really secured from CSRF?
confirm.php <?php session_start(); $token= md5(uniqid()); $_SESSION['delete_customer_token']= $token; [Details]
2023-03-25 20:14 Category: Q&A
Using a session token or nonce for Cross-site Request Forgery Protection (CSRF)?
I inherited some code that was recently attacked where the attacker sent repeated remote form submissions. [Details]
2023-03-25 04:30 Category: Q&A
CSRF Java libraries
I was wondering what libraries are out there regarding protecting J2EE applications against CSRF attacks. [Details]
2023-03-21 08:45 Category: Q&A
CSRF protection only for requests with side effect (POST, DELETE, PUT)?
As far as I understand Cross-Site Request Forgery attacks, they are "only" used to change state on the server side. [Details]
2023-03-20 18:42 Category: Q&A
Simulate CSRF Attack
I want to simulate a CSRF attack to check my website's vulnerability. I tried it on my ASP.NET web application but failed to simulate it. So please help me to simulate the CSRF attack. I have simulated by hav [Details]
2023-03-18 22:48 Category: Q&A
how to generate and validate csrf tokens
What is the best way to generate a CSRF token and verify it? From what I have been able to gather, even if you have a hidden form field in a "post" form a hacker can simply get that form u [Details]
2023-03-05 15:20 Category: Q&A
ViewStateUserKey isn't preventing CSRF?
I suspect this is due to my test configuration, but I wanted to ask you folks for your thoughts. I was playing around with a quick test project. I had a simple forms auth page and an order page (two fie [Details]
2023-03-03 22:41 Category: Q&A
Protecting a protected JSON web service from data harvesting?
We have a JSON web service that is used by one of our webpages to show "live" data. To get to the page, the user must be logged in. We are concerned about the ability of malicious sites (competit [Details]
2023-02-24 19:42 Category: Q&A
Prevent Logout Action from Happening from Untrusted Sources in PHP
I have an action in my site: http://mysite.com/User/Logout This will log the current user out of his/her session. Since this is a simple GET request, a malicious user could either create links to t [Details]
2023-02-13 22:40 Category: Q&A