
4.3.6.6. Protecting against Cross Site Request Forgery

Cross-site request forgery (CSRF) is a simple attack on a web application which, if the application is vulnerable to it, allows an attacker to perform a state-modifying operation on behalf of an authenticated, honest user. Depending on the nature of the web application and the operations an authenticated user may perform, the potential damage may be significant. For instance, a vulnerable application may allow an attacker to take over an honest user's account by changing that user's email address to his own.

A variation on CSRF is "login CSRF", an attack that tricks an honest user into logging into a vulnerable application with an account owned by the attacker. An unsuspecting user who falls victim to this attack may add valuable information, such as his address or payment information, to the account, resulting in a leak of sensitive user data to the attacker.

More information on cross-site request forgery can be found at the Open Web Application Security Project: CSRF.

To reduce the risk of a CAE application being vulnerable to CSRF attacks, the CAE provides a blanket protection against CSRF and login CSRF. As long as the application adheres to a set of conventions, this protection is mostly transparent. If it is enabled in an application that does not comply with the necessary conventions, the protection may be ineffective, or legitimate state-modifying operations (for example POST requests made by authenticated users) may incorrectly be treated as attacks and rejected.
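The following is an added, self-contained illustration of one common way such blanket protection works, the synchronizer token pattern; it is not the CAE's own code and the page does not state which mechanism the CAE uses. The `Session`, `Request`, `is_csrf_safe` and `handle` names, the `/login` and `/email` endpoints and all request data are constructed for the example. It shows why both plain CSRF (the forged email change) and login CSRF (the forged login) are rejected: the token is issued to the browser before login and a cross-site form cannot read it, so a forged request arrives without it. It also shows the failure mode the text warns about: a legitimate POST that does not follow the convention (no token in the form) is rejected the same way.

```python
# Illustrative synchronizer-token CSRF check (added example; not CAE's code).
# Assumed: sessions are server-side objects, each carrying a random token that
# is issued on first visit (before login), so the login form is covered too.
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional, Tuple

# Only these methods may change state, so only they require a token.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


@dataclass
class Session:
    """Server-side session; the token exists from the first visit (pre-login)."""
    user: Optional[str] = None
    email: Optional[str] = None
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    """Minimal stand-in for an HTTP request (constructed, not a framework type)."""
    method: str
    path: str
    session: Session
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


def is_csrf_safe(request: Request) -> bool:
    """True if the request needs no token or carries the session's token."""
    if request.method.upper() not in STATE_CHANGING:
        return True
    submitted = request.form.get("csrf_token") or request.headers.get("X-CSRF-Token")
    if not submitted:
        # A forged cross-site form cannot read the victim's token, so it is absent.
        return False
    # Constant-time comparison so the check leaks nothing via timing.
    return hmac.compare_digest(submitted.encode(), request.session.csrf_token.encode())


def handle(request: Request) -> Tuple[int, str]:
    """Dispatch two state-changing endpoints behind the CSRF check."""
    if not is_csrf_safe(request):
        return 403, "rejected: missing or invalid CSRF token"
    sess = request.session
    if request.path == "/login" and request.method == "POST":
        # Login is protected too; this is what blocks login CSRF.
        sess.user = request.form["username"]
        return 200, f"logged in as {sess.user}"
    if request.path == "/email" and request.method == "POST":
        if sess.user is None:
            return 401, "not authenticated"
        sess.email = request.form["email"]
        return 200, f"email changed to {sess.email}"
    if request.method == "GET":
        # The form page embeds the token the browser will send back.
        return 200, f"form with token {sess.csrf_token}"
    return 404, "not found"


def demo() -> dict:
    """Run the forged and honest flows from the text; returns the status codes."""
    sess = Session()  # the victim's browser already holds this pre-login session
    # Login CSRF: attacker-crafted form submits the attacker's account, no token.
    forged_login = Request("POST", "/login", sess, {"username": "attacker"})
    honest_login = Request("POST", "/login", sess,
                           {"username": "alice", "csrf_token": sess.csrf_token})
    results = {"forged_login": handle(forged_login)[0],
               "honest_login": handle(honest_login)[0]}
    # Classic CSRF: alice is now logged in; a cross-site form posts without the token.
    forged_email = Request("POST", "/email", sess, {"email": "attacker@example.invalid"})
    honest_email = Request("POST", "/email", sess,
                           {"email": "alice@example.invalid", "csrf_token": sess.csrf_token})
    results["forged_email"] = handle(forged_email)[0]
    results["honest_email"] = handle(honest_email)[0]
    results["final_email"] = sess.email
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In `demo()` the two forged requests are rejected with 403 and the two honest ones succeed, so the stored email ends up as the honest value. Note that `is_csrf_safe` deliberately lets GET through unchecked; that only holds if GET handlers never change state, which is the kind of convention a transparent protection depends on.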