CSRF

Segurança

Definição

Cross-Site Request Forgery (Falsificação de Solicitação entre Sites). Um ataque que engana o navegador de um usuário autenticado para enviar uma solicitação indesejada a uma aplicação web. Prevenido por tokens anti-CSRF, cookies SameSite e verificação do cabeçalho Origin.

The Trust Model CSRF Exploits

Cross-Site Request Forgery tricks a victim's browser into sending an authenticated request to a target site without the victim's knowledge. The browser automatically includes cookies — so if the user is logged into their bank, a malicious page can silently transfer funds by loading an invisible image whose src is the bank's transfer endpoint. The server sees a valid session cookie and complies.

Why CORS Doesn't Fully Stop It

CSRF predates CORSCross-Origin Resource Sharing. A browser security mechanism that uses HTTP headers to control which origins (domains) are permitted to access resources from another origin. Essential for modern web APIs that serve cross-domain requests. and exploits a different mechanism. CORS restricts JavaScript from reading cross-origin responses, but CSRF attacks using HTML forms or <img> tags don't need to read responses — they only need the request to fire. A GET endpoint that mutates state is therefore trivially exploitable regardless of CORS policy.

Mitigation Techniques

Defense Mechanism
CSRF tokens Unpredictable value in forms, validated server-side
SameSite cookie attribute Browser sends cookie only on same-site requests
Origin / Referer header validation Server rejects requests from unexpected origins
Double-submit cookie Token in both cookie and request parameter

XSSCross-Site Scripting. A web vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. XSS can steal session cookies, redirect users, or deface websites; mitigated by output encoding and CSP headers. can defeat CSRF token protections — an attacker who can run JavaScript in the victim's browser can read the token and forge a valid request. This is why XSS prevention is a prerequisite for CSRFCross-Site Request Forgery. An attack that tricks an authenticated user's browser into sending an unintended request to a web application. Prevented by anti-CSRF tokens, SameSite cookies, and verifying the Origin header. defense. Modern frameworks (Django, Rails, Spring) include CSRF middleware by default.

Termos relacionados

Mais em Segurança