Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Learn about Cross Site Request Forgery (CSRF) in this 50-minute conference talk from Circle City Con 2015. Explore the fundamentals of CSRF, including its definition, how it occurs, and its relationship to the same-origin policy. Dive into key concepts such as viewstate, headers, MVC, and cookies. Discover defensive strategies like the Encrypted Token Pattern and other tactics to protect against CSRF attacks. Gain insights from real-world examples, including a Twitter case study, and access valuable resources for further learning. Enhance your web security knowledge and learn to safeguard applications from this common vulnerability.
Syllabus
Intro
What is Cross Site Request Forgery
App
How did this happen
Same origin policy
Viewstate
Header
MVC
Cookies
Encrypted Token Pattern
Other Tactics
Resources
Twitter
Example