Cross-Site Request Forgeries (CSRF)

Definition: http://en.wikipedia.org/wiki/Cross-site_request_forgery

Example (GET-based: the victim's browser loads the image and automatically attaches csrf.com's cookies to the request, so a state-changing GET is triggered just by viewing the attacker's page):

<img src="http://csrf.com/logout?confirm=true">

Example (POST-based: a hidden form on the attacker's page is auto-submitted on load; this snippet assumes jQuery is loaded on that page, a plain document.forms[0].submit() does the same without it):

<body onload="$('form').submit()">
<form action="http://csrf.com/" method="post">
<input name="confirm" value="true" />
</form>
</body>

Protection:
– Check the Referer (or Origin) header: compare the parsed origin against your own, not a substring match, and decide explicitly what to do when the header is absent (browsers and proxies sometimes strip it); for a state-changing request the safe default is to reject
– Insert a random token into the form as a hidden field, store the token and token_time in the session, and on submit reject if the token is missing, does not match (constant-time compare), or token_time is older than the allowed lifetime
– Copy a cookie value into the form via JS on your own page (double-submit cookie): a page on another origin cannot read csrf.com's cookies, so the attacker's forged form cannot include the matching value; this is weak if the attacker can set cookies for the domain, e.g. from a subdomain
Note that the logout <img> example changes state over GET; whichever protection is used must cover every state-changing request, not only POST forms.