International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
Volume 106 - Issue 11 |
Published: November 2014 |
Authors: Sentamilselvan. K, Lakshmana Pandian. S, Ramkumar. N |
![]() |
Sentamilselvan. K, Lakshmana Pandian. S, Ramkumar. N . Cross Site Request Forgery: Preventive Measures. International Journal of Computer Applications. 106, 11 (November 2014), 20-25. DOI=10.5120/18564-9808
@article{ 10.5120/18564-9808, author = { Sentamilselvan. K,Lakshmana Pandian. S,Ramkumar. N }, title = { Cross Site Request Forgery: Preventive Measures }, journal = { International Journal of Computer Applications }, year = { 2014 }, volume = { 106 }, number = { 11 }, pages = { 20-25 }, doi = { 10.5120/18564-9808 }, publisher = { Foundation of Computer Science (FCS), NY, USA } }
%0 Journal Article %D 2014 %A Sentamilselvan. K %A Lakshmana Pandian. S %A Ramkumar. N %T Cross Site Request Forgery: Preventive Measures%T %J International Journal of Computer Applications %V 106 %N 11 %P 20-25 %R 10.5120/18564-9808 %I Foundation of Computer Science (FCS), NY, USA
Cross Site Request Forgery is considered as one of top vulnerability in today's web, where an untrusted website can force the user browser to send the unauthorized valid request to the trusted site. Cross Site Request Forgery will let the integrity of the legitimate user. So far many solutions have been proposed for the CSRF attacks such as the referrer HTTP Header, Custom HTTP header, Origin Header, client site proxy, Browser plug-in and Random Token Validation. But existing solutions is not so immune as to avoid this attack. All the solutions are partially protected only. This paper focuses on describing the implementation of various possible cross site request forgery methods and describing the pitfalls in the various preventive techniques of cross site request forgery and so we suggested some defense mechanism to prevent this vulnerability.