Cross-Site Request Forgery (CSRF)

By Michael Morin, About.com Guide

Definition:

Cross-Site Request Forgery: The exploitation of a site utilizing the trust a site has for a certain user. This often involves tricking authorized users into clicking on malicious links or otherwise tricking their web browsers into making HTTP requests.

Pronunciation: CSRF is pronounced like "Sea-Surf."

Also Known As: XSRF, side-jacking, session riding, one-click attack.

Understanding Cross-Site Request Forgery (CSRF)
CSRF - Cross-site Request Forgery
The Intent and Impact of Cross-Site Request Forgery (CSRF) Attacks
Is Your Linksys or Netgear Router Vulnerable to a Serious Attack?
Is Web 2.0 Safe?

Michael Morin
Ruby Guide

Sign up for My Newsletter

Headlines
Forum

See More About

csrf
security
ruby glossary
ruby on rails

Top Related Searches sea surf csrf forgery web browsers pronunciation

Ruby

About.com
Computing
Ruby
Glossary
A - F
Cross-Site Request Forgery (CSRF)

Advertise on About.com
Our Story
News & Events
SiteMap
All Topics
Reprints
Help

Write for About
Careers at About
User Agreement
Ethics Policy
Patent Info.
Privacy Policy
Your Ad Choices