Tricking users into unwanted actions
Day 89 of 149
Full deep-dive with code examples
The Forged Letter Analogy
Imagine someone writes a letter to your bank:
"Please transfer $1000 to Account X"
- Signed with your forged signature
If the bank can't verify, they might process it!
CSRF forges web requests in your name.
How CSRF Works
1. You log into bank.com → your browser stores the session cookie
2. You visit evil.com (in another tab)
3. evil.com has hidden code:
<form id="f" action="https://bank.com/transfer" method="POST">
<input type="hidden" name="to" value="attacker">
<input type="hidden" name="amount" value="10000">
</form>
<script>document.getElementById("f").submit()</script>
4. YOUR browser sends the request WITH your bank.com cookies!
5. bank.com sees a valid session → processes the transfer
You never clicked "transfer": the attacker's page submitted the form for you!
Why It Works
Your browser automatically attaches a site's cookies to any request going to that site, even when the request is triggered by a page on another site.
Prevention
CSRF Tokens:
<form action="/transfer" method="POST">
<input type="hidden" name="csrf_token" value="random123" />
<!-- Random per session, rendered only into bank.com's own pages, and checked by the server on every state-changing request. evil.com can't read it (same-origin policy), so it can't build a form that passes the check. -->
</form>
SameSite Cookies:
Set-Cookie: session=abc; SameSite=Strict
Strict never sends the cookie on a cross-site request. Lax (what Chromium assumes when the attribute is missing) still blocks the cross-site POST above but does send the cookie on top-level GET navigations, so never change state on a GET. Use both defenses together: SameSite depends on the client's browser, the token works everywhere.
In One Sentence
CSRF tricks your browser into making authenticated requests to sites you're logged into.
Enjoying these? Follow for daily ELI5 explanations!
Making complex tech concepts simple, one day at a time.