Simple life, Complicated mind

Tuesday, March 29, 2016

Cross-Site Request Forgery (CSRF)

Preventing Cross-Site Request Forgery in Go
https://elithrar.github.io/article/preventing-csrf-attacks-in-go/

Why refresh CSRF token per form request?
http://security.stackexchange.com/questions/22903/why-refresh-csrf-token-per-form-request

Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies
Posted by Jun Hsieh at 12:04 AM
Labels: JavaScript
