What Is Cross-Site Request Forgery?
The cross-site request forgery attack first assumes that the victim has already authenticated on a target website, such as a banking site, PayPal, or another site to be attacked. This authentication must be persisted (typically in a session cookie) so that if the user leaves the site and returns, the target website still sees them as logged in. The attacker must then get the victim to access a page or link that issues a request or form post to the target website. If the attack works, the target website sees a request arriving from the victim's browser, complete with the victim's credentials, and executes it as that user. This, in effect, lets the attacker perform any action on the targeted website as the victim. The result could be a money transfer, a password reset, or a change of email address at the targeted website.
How the Attack Works
Getting the victim to send the request does not require them to click a link. A simple image tag embedded in any page the victim views can be enough, because the browser fetches the image URL and attaches the victim's cookies for that site automatically:
<img src="http://www.examplebank.com/movemoney.aspx?from=myaccount&to=youraccount&amount=1000.00" width="1" height="1" />
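As an added example that is not part of the original page, the Python sketch below models the bank's movemoney handler twice: the trusting form the image request above relies on, and a hardened form that applies the standard defences (state changes only over POST, an Origin/Referer check against the site's own origin, and a per-session anti-CSRF token that a foreign page cannot read). The request dict, secret and origin string are constructed for the demo; the host name is the page's example bank.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlparse
# Constructed values for this demo; a real server loads its secret from config.
SERVER_SECRET = b"constructed-demo-secret"
SITE_ORIGIN = "https://www.examplebank.com"  # the page's example bank host

def issue_csrf_token(session_id: str) -> str:
    """Mint a token bound to the session; it is embedded in the transfer form."""
    nonce = secrets.token_hex(8)
    mac = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256)
    return f"{nonce}.{mac.hexdigest()}"

def token_is_valid(session_id: str, token: str) -> bool:
    # Recompute the MAC for this session and compare in constant time.
    nonce, _, mac = token.partition(".")
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256)
    return bool(mac) and hmac.compare_digest(mac, expected.hexdigest())

def vulnerable_move_money(request: dict) -> tuple:
    """Trusts the session cookie alone, so the <img> request above succeeds."""
    if request["cookies"].get("session") is None:
        return 401, "not logged in"
    return 200, "moved {amount} from {from} to {to}".format(**request["params"])

def hardened_move_money(request: dict) -> tuple:
    """Same handler with three checks a forged cross-site request cannot pass."""
    session_id = request["cookies"].get("session")
    if session_id is None:
        return 401, "not logged in"
    # 1. State changes only via POST: an <img> or plain link can only send GET.
    if request["method"] != "POST":
        return 405, "method not allowed"
    # 2. Origin (Referer as fallback) must be this site. Compare scheme+host,
    #    not a string prefix, so "www.examplebank.com.evil.test" is rejected.
    src = request["headers"].get("Origin") or request["headers"].get("Referer", "")
    parsed = urlparse(src)
    if f"{parsed.scheme}://{parsed.netloc}" != SITE_ORIGIN:
        return 403, "cross-site request rejected"
    # 3. The form must carry a token minted for this session; a foreign page
    #    cannot read it, so it cannot build a request that passes this check.
    if not token_is_valid(session_id, request["params"].get("csrf_token", "")):
        return 403, "missing or invalid CSRF token"
    return 200, "moved {amount} from {from} to {to}".format(**request["params"])

# Constructed request equivalent to the page's <img> tag: the browser attaches
# the bank's session cookie automatically but sends no Origin header and no token.
FORGED = {"method": "GET", "cookies": {"session": "sess-42"},
          "headers": {"Referer": "https://attacker.invalid/page.html"},
          "params": {"from": "myaccount", "to": "youraccount", "amount": "1000.00"}}
```

Running `vulnerable_move_money(FORGED)` returns 200 while `hardened_move_money(FORGED)` is refused at the first check; even a forged POST with a lookalike Origin or a guessed token is rejected at the later ones.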