Analysis
Cross Site Request Forgery: Making Your Browser Act Against You
CSRF tricks a logged in user's browser into sending a real, authenticated request they never intended. Here is how it abuses the way browsers handle cookies, and how to shut it down.
8 min read·#csrf#web-security#cookies