A Look at Cross-Site Request Forgeries (CSRF) and Browser Hijacking
|
09-01-2008, 09:47 AM,
Post: #1
|
|||
|
|||
A Look at Cross-Site Request Forgeries (CSRF) and Browser Hijacking
Quote:Generally, browsers stop cross-site communication by following the "same-origin policy". This rule is pretty simple: if your site has a different origin - protocol, domain, and port don't all match - you aren't allowed to access information from or send requests to the other site. Without this simple rule, there would be no security on the internet. Every website could access data from every other one - you'd need a separate web browser for every website. full article: http://www.theregister.co.uk/2008/08/29/...d_browser/ |
|||
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
How To Protect Your Website From Cross-Site Scripting (XSS) Attacks | mandy | 0 | 2,964 |
06-26-2007, 08:40 AM Last Post: mandy |
|
Effects of Domain Hijacking Can Linger After Domain is Restored to Owner | mandy | 0 | 2,432 |
02-09-2006, 11:44 AM Last Post: mandy |
|
Ohio High School Senior Faces Felony Charge for Refreshing Browser | mandy | 2 | 3,163 |
01-08-2006, 06:51 AM Last Post: stardust |
|
Port Scanning: Do Hackers Look Before They Leap? | Kristijntje | 0 | 2,450 |
12-10-2005, 09:27 AM Last Post: Kristijntje |
Users browsing this thread: 1 Guest(s)