What is Cross-Site Request Forgery (CSRF)?
Answer
CSRF (Cross-Site Request Forgery) tricks an authenticated user's browser into sending an unwanted request to a web application where the user is already logged in. Example: a user is logged into their bank and visits a malicious page containing <img src="https://bank.com/transfer?amount=1000&to=attacker">; the browser fetches that URL automatically and attaches the user's bank cookies, so the server treats the request as legitimate and executes the transfer. CSRF exploits the fact that browsers automatically include cookies with cross-origin requests, so the server cannot tell a forged request from a genuine one by cookies alone.

Prevention:
(1) CSRF tokens (anti-forgery tokens): a unique, unpredictable secret embedded in each form and verified server-side on every state-changing request.
(2) SameSite cookie attribute: SameSite=Strict stops the browser from sending the cookie on any cross-site request; SameSite=Lax does the same except for top-level navigations (e.g. clicking a link), so it still blocks the <img> and cross-site form-post cases above.
(3) Verify the Origin/Referer header against the application's own origin.
(4) Require re-authentication (or a second confirmation step) for sensitive operations.