Browsed by
Month: August 2018

CSRF Tokens? What Tokens?

CSRF Tokens? What Tokens?

In a previous blog post where I covered Cross-Site Request Forgery and what potential impacts and consequences such an attack may have, I wrote that a popular way to prevent such an attack from unfolding is to generate tokens.¬†In that blog post, I noted that when a website generates tokens, a CSRF attack might be stopped. One thing I did not cover though is that whether the attack will be stopped or not depends on how the tokens are implemented.¬†Confused?…

Read More Read More