Articles : Page 1 of 1

Preventing CSRF With Ajax

Oct 11

11

A long while ago I wrote about the potential dangers of Cross-site Request Forgery attacks, also known as CSRF or XSRF. These exploits are a form of confused deputy attack. Screen grab from The Police Academy movie.In that post, I covered how ASP.NET MVC includes a set of anti-forgery helpers to help mitigate such exploits. The helpers include an HTML helper meant to be called in the form that renders a hidden input, and an attribute applied to the controller action to protect. These helpers...
- AJAX
- jQuery
- Security
- JSON
- EntityFramework
- Url
- Nuget
- Controller
- HTTP
- Ef
- Filter
- ACT
- Di
- Csrf
- Xsrf
- Antiforgery

1