Cross-Domain requests describe requests from one domain to another. A typical example of this are Facebook information on another domain, either to display a user’s friends on the site, or even to automatically log a user into the site if still logged into Facebook. But this example is obviously not malicious. There are two types [...]
- Author: Martin Brinkmann
- Comments: 9
CsFire, Protects Against Malicious Cross-Domain Requests In Firefox
- Author: Martin Brinkmann
- Comments: None
Google Implements Cross-site Request Forgery Protection
Cross-site Request Forgery are carried out from a computer system or user that is trusted by a website. Cookies that do not expire after a user closes the website or web browser are one of the most common forms of trust that can be exploited by cross-site request forgery attacks. The attacker needs to use [...]