solid-spec icon indicating copy to clipboard operation
solid-spec copied to clipboard
verified publisher icon solid

CSRF

Open westurner opened this issue 8 years ago • 0 comments

Traditionally, I'm used to validating a CSRF token for (already-authorized) requests to mutate resources. How do I do CSRF with solid? Is this concern solved by a different set of protocols?

  • | Wikipedia: https://en.wikipedia.org/wiki/Cross-site_request_forgery
  • | https://cwe.mitre.org/top25/#CWE-352 (2011 # 12)
    • https://cwe.mitre.org/data/definitions/352.html "CSRF"
      • https://cwe.mitre.org/data/definitions/346.html "Origin Validation Error"

westurner avatar Apr 12 '17 15:04 westurner