Cross-Site Request Forgery Prevention Cheat Sheet

Introduction

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site on which the user is authenticated.

A CSRF attack works because browser requests automatically include all cookies for the target site, including session cookies. Therefore, if the user is authenticated to the site, the site cannot distinguish between a legitimate request the user intended and a forged request that merely carries the user's session cookie. Ordinary authorization checks do not stop the attack: the forged request is authorized, because it arrives with the victim's valid credentials. The defense must instead verify that the request was intentionally issued by the user, by requiring something a cross-site attacker cannot supply: an unpredictable per-session token that the browser does not attach automatically, a challenge the user has to answer (for example re-authentication), or a check that the request's source origin is the application's own.

The impact of a successful CSRF attack is limited to the capabilities exposed by the vulnerable application and the privileges of the user.

Topics covered in this cheat sheet include:

- Use Built-In Or Existing CSRF Implementations for CSRF Protection
- Identifying Source Origin (via Origin/Referer header)
- JavaScript Guidance for Auto-inclusion of CSRF tokens as an AJAX Request header