cross-site request forgery
Estonian: päringuvõltsing
definition
an attack that tricks the user into loading a web page
through which some harmful action is performed
in the name and with the privileges of the web application's user, for example a purchase is made
=
an attack that forces authenticated users to submit a request to a web application against which they are currently authenticated
overviews
https://en.wikipedia.org/wiki/Cross-site_request_forgery
https://halls-of-valhalla.org/beta/articles/cross-site-request-forgery-demystified,47/
http://www.cgisecurity.com/csrf-faq.html
https://owasp.org/www-community/attacks/csrf
https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-bailey-mcree-csrf.pdf
mitigation
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
https://people.eecs.berkeley.edu/~daw/teaching/cs261-f11/reading/csrf.pdf
https://docs.djangoproject.com/en/1.8/ref/csrf/
http://www.adambarth.com/papers/2008/barth-jackson-mitchell-b.pdf
https://docs.angularjs.org/api/ng/service/$http#cross-site-request-forgery-xsrf-protection
see also
- cross-site request forgery token (Estonian: päringuvõltsingu talong)