Technology range: PHP, MySQL, Apache, JavaScript, Ajax.
CSRF
User is logged into his secure page.
Page uses a random token and a random name (for the input):
<input name="random_name" value="random_token" />
Random_name and Random_token are stored in the user's SESSION.
Script checks the header (HTTP 1.1 - referrer).
In my opinion these methods can't protect me against Ajax (page output) analysis.
Ajax (page output) analysis:
User visits a bad page.
After the page has loaded, Ajax makes a connection (with a prepared HTTP referrer header) to his page and downloads the data.
Parse the output (inputs).
After a successful parse, create its own request with Random_name, Random_token and the prepared referrer header.
Security system accepts this action. (Referrer - OK, Token - OK)
How do I avoid it?
When XMLHttpRequest was designed, this scenario was already taken into account. The result was that XMLHttpRequest level 1 (historic) did not allow any cross-origin request at all. And with XMLHttpRequest level 2 (current), a client is only allowed to read the response to a cross-origin request if the server allows it according to Cross-Origin Request Sharing.
So unless the request originates from the same origin or you allow any origin, a client is not allowed to read the response.
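The two browser rules the answer relies on, worked through on the exact attack from the question, as an added example (not code from the question or the answer). It models the browser's decision on whether a script may read a cross-origin response, and the rule that a script may not set the Referer header at all. The hosts bank.example and evil.example, the form field values and the victim page body are constructed for the example.

```javascript
// Added example: model of the browser rules that stop the "fetch the page with
// Ajax, parse the token, replay it" attack. Hypothetical hosts and a
// constructed victim page; not code from the original post.

// Request headers a script may not set via XHR/fetch (subset of the Fetch
// standard's forbidden request-header list). Referer is on it, so the
// "prepared HTTP referrer header" from the question is silently dropped.
const FORBIDDEN_REQUEST_HEADERS = new Set([
  "cookie", "host", "origin", "referer", "date", "connection", "content-length",
]);

function isForbiddenRequestHeader(name) {
  const n = name.toLowerCase();
  return FORBIDDEN_REQUEST_HEADERS.has(n) || n.startsWith("sec-") || n.startsWith("proxy-");
}

// May a script running at pageOrigin read the body of a response from targetUrl?
// Same-origin: always. Cross-origin: only if the server opted in with
// Access-Control-Allow-Origin; a credentialed request (cookies sent) additionally
// needs Access-Control-Allow-Credentials: true and an exact origin, never "*".
function canReadResponse(pageOrigin, targetUrl, responseHeaders, withCredentials) {
  const target = new URL(targetUrl).origin;
  if (target === pageOrigin) return true;
  const h = {};
  for (const [k, v] of Object.entries(responseHeaders)) h[k.toLowerCase()] = v;
  const acao = h["access-control-allow-origin"];
  if (acao === undefined) return false;
  if (withCredentials) {
    return acao === pageOrigin && h["access-control-allow-credentials"] === "true";
  }
  return acao === "*" || acao === pageOrigin;
}

// The attacker's parse step: pull random_name / random_token out of the victim's
// form. Only possible if the response body was readable in the first place.
function extractToken(html) {
  const m = /<input[^>]*name="([^"]+)"[^>]*value="([^"]+)"/i.exec(html);
  return m ? { name: m[1], token: m[2] } : null;
}

// Simulate the attack from the question end to end against a server that
// answers with the given response headers.
function simulateAttack(serverHeaders) {
  const attackerOrigin = "https://evil.example";          // hypothetical bad page
  const victimPage = "https://bank.example/secure.php";   // hypothetical secure page
  // Constructed victim page body, as served to the logged-in user.
  const victimHtml =
    '<form method="post"><input name="k7f3q" value="a91c4e2" /></form>';

  // Step 1: the attacker's script tries to forge Referer; the browser refuses.
  const refererForged = !isForbiddenRequestHeader("Referer");
  // Step 2: fetch the page with the victim's cookies (credentials included).
  const readable = canReadResponse(attackerOrigin, victimPage, serverHeaders, true);
  // Step 3: parsing only works on a readable (non-opaque) response.
  const token = readable ? extractToken(victimHtml) : null;
  return { refererForged, readable, token };
}
```

With a server that sends no CORS headers, `simulateAttack({})` yields no forged Referer, an unreadable response and no token, which is the answer's point. `Access-Control-Allow-Origin: *` does not change that for a cookie-bearing request. Only a server that echoes the attacker's origin together with `Access-Control-Allow-Credentials: true` hands the token over, so the thing to check on the PHP side is that secure pages never emit such headers for untrusted origins.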