If evilsite.com submits a form to evilsite.com/foo and then 307 redirects to goodsite.com/bar where a user is already logged in, this will send the POST with goodsite's cookie to goodsite.com/bar.
How do people usually protect against this? Do normal web frameworks like Django/Flask do anything to protect against this?
I can see two ways of protecting against this:
- put a token into your pages that is sent with every form (not cookie). This seems like a lot of work.
- look at the referrer header. But there are browser plugins that suppress the referrer or, worse, just pretend the destination is the referrer. And I'm not sure how reliable this referrer header is.
1 solution
#1
0
It's called CSRF. You should use anti-CSRF tokens to prevent this kind of vulnerability. All modern frameworks can deal with it.
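To make the answer concrete, here is an added example (not code from the question, the answer, Django or Flask) of the synchronizer-token pattern the answer recommends, together with the Origin/Referer check the asker mentioned as a secondary control. It models the server side of goodsite.com/bar without a web framework: the session store, the request dicts, the `sessionid` cookie name and the `handle_transfer` handler are all hypothetical. The point it demonstrates is the one in the question: a 307 keeps the POST body, so the browser replays evilsite's form to goodsite.com/bar with goodsite's session cookie attached, but that body can only contain a token value the attacker had to guess, because the real token was never put in a cookie and the attacker cannot read goodsite's pages.

```python
"""Synchronizer-token CSRF protection, modelled without a web framework.

Added example, not the original page's code. Assumes a server-side session
store keyed by a session cookie and a dict-shaped request (hypothetical).
"""
import hmac
import secrets
from urllib.parse import urlsplit

SESSION_TOKEN_KEY = "_csrf_token"


def issue_csrf_token(session: dict) -> str:
    """Return this session's CSRF token, creating it on first use.

    The token is random, is kept only in the server-side session and is
    rendered into every form as a hidden field. It never travels in a
    cookie, so the browser will not add it to a cross-site POST by itself.
    """
    token = session.get(SESSION_TOKEN_KEY)
    if token is None:
        token = secrets.token_urlsafe(32)
        session[SESSION_TOKEN_KEY] = token
    return token


def verify_csrf_token(session: dict, form: dict) -> bool:
    """Constant-time comparison of the submitted field with the session token."""
    expected = session.get(SESSION_TOKEN_KEY)
    submitted = form.get("csrf_token")
    if not expected or not isinstance(submitted, str):
        return False
    return hmac.compare_digest(expected.encode(), submitted.encode())


def origin_matches(headers: dict, allowed_host: str) -> bool:
    """Secondary check on Origin (falling back to Referer).

    A missing header is tolerated because privacy plugins strip it, which is
    exactly why this is defence in depth and the token is the primary control.
    """
    source = headers.get("Origin") or headers.get("Referer")
    if source is None:
        return True
    return urlsplit(source).hostname == allowed_host


def handle_transfer(sessions: dict, request: dict) -> tuple:
    """Hypothetical POST /bar handler: the cookie identifies the session, but
    only the CSRF token proves the form was rendered by goodsite.com."""
    session = sessions.get(request["cookies"].get("sessionid"))
    if session is None:
        return 401, "not logged in"
    if not origin_matches(request["headers"], "goodsite.com"):
        return 403, "cross-site origin"
    if not verify_csrf_token(session, request["form"]):
        return 403, "missing or invalid CSRF token"
    return 200, "transferred " + request["form"]["amount"]


def demo() -> tuple:
    """Constructed requests: one genuine, two replayed from evilsite via 307."""
    sessions = {"s1": {"user": "alice"}}  # alice is already logged in
    token = issue_csrf_token(sessions["s1"])  # embedded in goodsite's own form

    legit = {"cookies": {"sessionid": "s1"},
             "headers": {"Origin": "https://goodsite.com"},
             "form": {"amount": "10", "csrf_token": token}}
    # Body of the form evilsite.com posted to /foo, replayed by the browser to
    # goodsite.com/bar after the 307. The cookie is attached automatically;
    # the token field can only hold a guess.
    forged_with_origin = {"cookies": {"sessionid": "s1"},
                          "headers": {"Origin": "https://evilsite.com"},
                          "form": {"amount": "1000000", "csrf_token": "guess"}}
    # Same replay, but a plugin stripped Origin and Referer: the header check
    # cannot help, and the token check is what still rejects it.
    forged_no_headers = {"cookies": {"sessionid": "s1"},
                         "headers": {},
                         "form": {"amount": "1000000", "csrf_token": "guess"}}
    return (handle_transfer(sessions, legit)[0],
            handle_transfer(sessions, forged_with_origin)[0],
            handle_transfer(sessions, forged_no_headers)[0])


if __name__ == "__main__":
    print(demo())  # (200, 403, 403)
```

The third case is the reason the answer says tokens rather than referrer checks: with headers stripped, only the token distinguishes a form goodsite rendered from one evilsite rendered. Framework middleware (Django's `CsrfViewMiddleware`, Flask extensions such as Flask-WTF) implements this same issue-and-verify cycle for you, which is why "put a token in every form" is much less work than the asker fears.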