Cross Site Scripting (XSS) vs. Cross Site Request Forgery (CSRF) | Niraj Bhatt - Architect's Blog
CSRF attacks target functionality that causes a state change on the server, such as changing the victim's email address or password, or purchasing something. Forcing the victim to retrieve data doesn't benefit an attacker because the attacker doesn't receive the response, the victim does. As such, CSRF attacks target state-changing requests. It's sometimes possible to store the CSRF attack on the vulnerable site itself.
Such vulnerabilities are called "stored CSRF flaws".
If the attacker can store a CSRF attack in the site, the severity of the attack is amplified. In particular, the likelihood is increased because the victim is more likely to view the page containing the attack than some random page on the Internet. The likelihood is also increased because the victim is sure to be authenticated to the site already. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and in many places in their online documentation.
Prevention measures that do NOT work
Using a secret cookie: Remember that all cookies, even the secret ones, will be submitted with every request. All authentication tokens will be submitted regardless of whether or not the end-user was tricked into submitting the request. Furthermore, session identifiers are simply used by the application container to associate the request with a specific session object. The session identifier does not verify that the end-user intended to submit the request. The misconception is that, since the attacker does not know the secret cookie and so cannot construct a malicious link that carries it, a CSRF attack cannot be executed. Unfortunately, this logic is incorrect: the attacker never needs to know the cookie, because the victim's browser attaches it to the forged request automatically.
Source of the text above: Cross-Site Request Forgery (CSRF) - OWASP
A common recommendation is to use Server.HtmlEncode for every output. Run the application and type a script tag with an alert message into the textbox.
Click on the Submit button and note the result. Run the application again with Server.HtmlEncode applied to the output, and the output is rendered as text, as you would expect.
Cross Site Request Forgery
Description: Cross Site Request Forgery, also called a One-Click attack, is less well known, though much easier to plant.
Normally a single HTTP request is enough to make a website do something. So how can a hacker lure you into submitting that request with your credentials? You click a link, and if you have an authentication cookie for the target site (persistent or not), it goes along with the request.
Remember the way browsers work: whenever you send a request to a specific domain, the cookies associated with that domain are also sent across.
Simple Steps to Reproduce: