• This is a title
    		•

    Cross-Site Request Forgery




    Download 22,59 Mb.
    Pdf ko'rish
    bet225/225
    Sana14.05.2024
    Hajmi22,59 Mb.
    #232856
    1   ...   217   218   219   220   221   222   223   224   225
    Bog'liq
    learningkalilinux

    Cross-Site Request Forgery

    cross-site request forgery
    (CSRF) attack creates a request that appears to be associ‐
    ated with one site when, in fact, it’s going to another site. Or, put another way, a user
    Web-Based Attacks | 251

    visits one page that either is on site X or appears to be on site X when in fact a request
    on that page is being requested against site Y. To understand this attack, it helps to
    know how HTTP works and how websites work. In order to understand this, let’s
    take a look at some simple HTML source in 
    Example 8-3
    .
    Example 8-3. Sample HTML source code

    </b> <br />This is a title <br /><b>

    rel=
    "stylesheet"
    type=
    "text/css"
    href=
    "pagestyle.css"
    >


    This is a header




    Bacon ipsum dolor amet burgdoggen shankle ground round meatball bresaola
    pork loin. Brisket swine meatloaf picanha cow. Picanha fatback ham pastrami,
    pig tongue sausage spare ribs ham hock turkey capicola frankfurter kevin
    doner ribeye. Alcatra chuck short ribs frankfurter pork chop chicken cow
    filet mignon kielbasa. Beef ribs picanha bacon capicola bresaola buffalo
    cupim boudin. Short loin hamburger t-bone fatback porchetta, flank
    picanha burgdoggen.



    src=
    "
    /
    anotherpage
    .
    html
    "
    >
    This is a link


    src=
    "/images/picture.png"
    >

    Download 22,59 Mb.
    1   ...   217   218   219   220   221   222   223   224   225




    Download 22,59 Mb.
    Pdf ko'rish