Articles related to csrf
Cross-Site Request Forgery (CSRF) - Ruby - About.com
Cross-Site Request Forgery: The exploitation of a site utilizing the trust a site has for a certain user. This often involves tricking authorized users into clicking on ...
CSRF - Cross-site Request Forgery - Ruby - About.com
There are two huge vulnerabilities in all web applications and web sites, and those are XSS and CSRF. What is this alphabet soup? XSS is cross-site scripting, ...
Understanding Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery, aka CSRF (pronounced Sea-Surf), is a security vulnerability that goes by many names. You might know it better as XSRF, ...
The Intent and Impact of Cross-Site Request Forgery (CSRF) Attacks
There are a number of reasons that someone would want to launch a CSRF attack and each has its own unique impact. If your Ruby on Rails code is vulnerable ...
CSRF Without XSS - Ruby - About.com
CSRF attacks are similar in nature to Cross-Site Scripting (XSS) attacks and can occur in conjunction with an XSS attack, but they don't always go hand-in-hand ...
CSRF With XSS - Ruby - About.com
Previously we discussed how a Cross-Site Request Forgery attack can occur without a Cross-Site Scripting breach or, as we called it, CSRF without XSS.
3 Countermeasures to Protect Ruby From CSRF Attacks - About.com
To protect against CSRF, Web developers have to go the extra mile. Of course, as with any vulnerabilities, doing things correctly from the get-go is extremely ...
Securing Ruby Code - About.com
Running Ruby programs or Ruby on Rails server software? Take a look at this analysis of software vulnerable to security breaches and CSRF attacks because ...
Exploitation of Security Vulnerabilities in Ruby Code - About.com
Does your Ruby code have security vulnerabilities? Take a look at this analysis of a CSRF attack with XSS and Filtering to see if your site might be at risk.
Dealing With Ruby Vulnerabilities: Pay Attention to Idempotence
Since the same protection against CSRF attacks can be achieved manually through careful attention to idempotence and the post_only before filter, it may not be ...