Web security - CSRF (token)
2022-07-03 04:31:00 【the zl】
CSRF and Token
Token: like a Session or a Cookie, a token is an identity credential. A token is usually carried in the URL or in a Cookie.
What a token does:
1. Prevents a form from being submitted repeatedly
After the server receives the token, if it equals the value in the Session, the token in the client's session is updated.
2. Prevents CSRF (cross-site request forgery)
Example:
A CSRF request is constructed, but because of the token the attack fails.

How the token is generated:
When the client requests a page from the server, the server generates a random token, stores it in the Session, and also sends it to the client (usually by building a hidden form field). The next time the client submits a request, the token is submitted to the server along with the form.
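The flow described above, sketched server-side as an added example (not code from the original post): the token is generated on page request, checked on submit, and updated after a match so a repeated submission is rejected. The in-memory session store, the field name `csrf_token`, the `/transfer` action and the 200/403 return values are assumptions made for illustration.

```python
import hmac
import secrets

# Constructed in-memory session store: session id -> session data.
SESSIONS = {}

def new_session():
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {}
    return sid

def render_form(sid):
    """Page request: generate a random token, keep it in the session, embed it as a hidden field."""
    token = secrets.token_urlsafe(32)
    SESSIONS[sid]["csrf_token"] = token
    return (
        '<form method="post" action="/transfer">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input name="amount"><button>Send</button></form>'
    )

def handle_post(sid, form):
    """Form submit: accept only if the submitted token equals the one stored in the session."""
    expected = SESSIONS.get(sid, {}).get("csrf_token")
    submitted = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), submitted.encode()):
        return 403
    # Update the token after a successful match so a resubmitted form is rejected.
    SESSIONS[sid]["csrf_token"] = secrets.token_urlsafe(32)
    return 200

def extract_token(html):
    """Read the hidden field value out of the rendered form (what the browser would submit)."""
    marker = 'name="csrf_token" value="'
    start = html.index(marker) + len(marker)
    return html[start:html.index('"', start)]

def demo():
    sid = new_session()
    token = extract_token(render_form(sid))
    legit = handle_post(sid, {"csrf_token": token, "amount": "10"})
    replay = handle_post(sid, {"csrf_token": token, "amount": "10"})
    # A cross-site request arrives with the session but without the token value.
    forged = handle_post(sid, {"amount": "10"})
    return legit, replay, forged

if __name__ == "__main__":
    print(demo())
```

The comparison uses `hmac.compare_digest` so the check does not leak how many leading characters of a guessed token were correct.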