How do you protect against specific CSRF attack

Posted by Saif Bechan on Stack Overflow See other posts from Stack Overflow or by Saif Bechan
Published on 2010-04-05T17:32:59Z Indexed on 2010/04/05 17:43 UTC
Read the original article Hit count: 779

Filed under:
|
|
|

I am going trough the OWASP Top 10 list of 2007 and 2010.

I stumbled upon Cross Site Request Forgery (CSRF) this is often called session riding as you let the user usee his session to fulfill your wishes.

Now a solution to this is adding a token to every url and this token is checked for every link.

For example to vote on product x the url would be:

'http://mysite.com?token=HVBKJNKL'

This looks like a solid solution to because a hacker can not guess the token.

But I was thinking of the following scenario(I do not know if it is possible):

You create a website with an hidden iFrame or div. After that you can load my website in it either using just the normal iFrame or ajax.

When you have my website loaded hidden inside your website, and the user has a stored session, the following can be done. You can retrieve the token from the URLS, and still do all the actions needed.

Is it possible to do something like this. Or is it not possible to do this cross domain.

© Stack Overflow or respective owner

Related posts about csrf

Related posts about web-development