7 days of WordPress plugins, themes & templates - for free!* Unlimited asset downloads! Start 7-Day Free Trial

Next lesson playing in 5 seconds

Cancel
  • Overview
  • Transcript

3.11 Cross-Site Request Forgery

A cross-site request forgery (CSRF) attack occurs when an attacker directs someone to a website that forwards a forged request to the server using the person's own credentials. In this video, I'll discuss cookie expirations, secure cookies, CSRF tokens, stale sessions, and using the browser Origin header to reject requests sent from invalid locations.