Cross Site Request

cross site request

Cross Site Request

Cross Site Request (XSRF) is a way of attacking website visitors, using lacks of HTTP protocol. When visiting a website created by a hacker, from a user’s face a request is secretly sent on another server (for example, on a payment system server) which is carrying out certain maleficent operation (for example, money transfer on a hacker’s account). To implement this attack, a user-victim must be authorized on that server on which a request is sent, and this request shouldn’t be confirmed by a user and this request cannot be ignored or tampered with the attacking script.