#8 - Cross-site request forgery (CSRF)

Previous Topic

Next Topic

Book Contents

#8 - Cross-site request forgery (CSRF)

Cross-site request forgery requires a browser container. Generally APIs are not meant to be supported directly in a browser container so the session is not kept as a browser cookie and CSRF is not a viable threat.

Send Feedback