ASP.NET Core SPA Cookie Authentication vs XSRF - Securing Against Cross-Site Attacks

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Learn how to secure your Single Page Application (SPA) against Cross-Site Request Forgery (XSRF/CSRF) attacks using ASP.NET Core cookie authentication. Explore various attack scenarios, including cross-site login attempts with fetch and form posts, and implement effective defense strategies such as Origin and Referer checks. Discover the differences between Strict and Lax cookies, and understand the potential risks of man-in-the-middle attacks. Gain practical knowledge on implementing robust security measures for your ASP.NET Core SPA using C# minimal APIs, applicable to .NET 7, .NET 6, and .NET 5.

Syllabus

Introduction
Attack 1: cross site login with fetch
Attack 2: cross site login with form post
Defence: Origin & Referer
Attack 3: cross site request execution
Strict vs Lax Cookies
Man in the middle attack

Taught by

Raw Coding

Reviews

Start your review of ASP.NET Core SPA Cookie Authentication vs XSRF - Securing Against Cross-Site Attacks

Taught by

Cross Site Request Forgery (CSRF) Prevention for ASP.NET Core and ASP.NET Applications

ASP.NET Core 6 Identity and Security (SECOND EDITION)

The Past, Present, and Future of Cross-Site and Cross-Origin Request Forgery

Surfing the Sea and Drowning in Tabs - An Introduction to Cross Site Request Forgery

ASP.NET Core SPA Authentication Tutorial - Implementing Cookie-Based Auth for Single Page Applications

ASP.NET Core Cookie Authentication - Minimal APIs and C# (.NET 7)

14 Best C# and .NET Courses for 2024

Never Stop Learning.