
CSRF (Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends a website unwanted commands. This can be done, for example, by including malicious parameters in a URL behind a link that purports to go somewhere else:

<img src="https://www.example.com/index.php?action=delete&id=123">

For users who have some permissions on https://www.example.com, the <img> element will execute the action on https://www.example.com without their noticing, even if the element is not hosted at https://www.example.com.

There are many ways to prevent CSRF, such as implementing a RESTful API, adding a secure token, etc.
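
The two defenses named above, applied to the action=delete request from the example. This is an added sketch, not code from the original page: the names handle_request, issue_token, verify_token and the csrf_token parameter are hypothetical, and it assumes "RESTful" here means state-changing actions are refused on GET.

```python
import hashlib
import hmac
import secrets

# Assumption: one server-side secret; a real deployment loads it from protected config.
SERVER_KEY = secrets.token_bytes(32)
STATE_CHANGING = {"delete"}  # actions that modify data, like the page's action=delete


def _mac(session_id: str, nonce: str) -> bytes:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest().encode()


def issue_token(session_id: str) -> str:
    """Token the site embeds in its own forms; bound to one session."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce).decode()}"


def verify_token(session_id: str, token) -> bool:
    """True only for a well-formed token issued for this exact session."""
    if not isinstance(token, str) or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    # Constant-time comparison on bytes, so malformed input cannot raise.
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce))


def handle_request(method: str, params: dict, session_id: str) -> int:
    """Return the HTTP status the hardened endpoint would send."""
    if params.get("action") not in STATE_CHANGING:
        return 200  # read-only request, no token required
    if method != "POST":
        return 405  # an <img> element only issues GET, so it stops here
    if not verify_token(session_id, params.get("csrf_token")):
        return 403  # another site cannot read this session's token
    return 200  # the site's own form, carrying the session's token


if __name__ == "__main__":
    sid = "constructed-session-id"  # constructed sample value
    delete = {"action": "delete", "id": "123"}
    print("img-style GET:     ", handle_request("GET", delete, sid))
    print("POST without token:", handle_request("POST", delete, sid))
    ok = dict(delete, csrf_token=issue_token(sid))
    print("POST with token:   ", handle_request("POST", ok, sid))
```
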


Contributors to this page: mdnwebdocs-bot, tkrotoff, iigmir, hbloomer, klez, Andrew_Pfeiffer
Last updated by: mdnwebdocs-bot,