- CSRF
CSRF (Cross-Site Request Forgery) cross-site request forgery mainly uses the unexpired cookie information on the browser side to forge the identity and pass the server's identity verification. - Defense
(1) Verify the HTTP Referer field
(2) Add the token to the request address and verify
(3) Customize the attributes in the HTTP header and verify
Web security-CSRF attack
Guess you like
Origin blog.csdn.net/SJ1551/article/details/109219723
Recommended
Ranking