Monday, May 14, 2018

CSRF protection in web applications via Double Submit Cookies Patterns

As mentioned in the previous posts, Cross-Site Request Forgery (CSRF) is an attack in which an attacker forces a user to submit a request to a web application in which that user is already authenticated, so the application carries out the attacker's command with the victim's privileges.

This article discusses the Double Submit Cookie pattern for preventing that attack. It is also called the stateless CSRF method because the server does not store the token anywhere: it only compares the value carried in the cookie with the value carried in the request body.


  • The login form is the interface where the user enters credentials on the website; it is the request we want to protect.

  • When the user authenticates to the web application, the application generates a cookie and stores it on the client machine. Wherever CSRF protection is needed, the same token is also sent in a hidden field in the body of the HTML form.

  • When the form page loads, the body's onload handler calls the function Token().

  • Token() requests a token from the csrf URL with a GET request and places the returned value in the form's hidden input with id hidden_token.

  • The csrf endpoint generates a random token, sets it in a cookie, and returns the same value in its response so the page can fill the hidden field.

  • When the credentials are submitted, the server validates them and compares the token sent in the POST body with the token stored in the cookie to verify that the request was not forged.

  • If the credentials are valid and both tokens match, access is granted.

So how is the transmission protected?
Even if the attacker can forge a request from another site, the browser's same-origin policy prevents the attacker's page from reading the victim's cookie or the response of the csrf URL, so the attacker cannot learn the token value to put in the form body. The cookie still travels with the forged request, but the body token is missing or wrong, the two do not match, and the request is denied. Two practical caveats: the csrf URL must not be exposed to other origins via CORS, and the token cookie should be set with the Secure flag (and ideally SameSite), because the pattern only holds as long as the attacker can neither read nor set cookies for the site. Comparing the two tokens in constant time avoids leaking the value through timing differences.






