Cross Site Request Forgery Problem Summary
Scott Malabarba, IBM
What is CSRF/cross site request forgery?
• Malicious browser script exploits user's authenticated session to access target application
• Modify or destroy data with form POST
• Read confidential data. Browsers restrict but do not entirely prevent cross-site GET.
• Other “flavors” such as login CSRF are less applicable to CMIS
• (Very) basic demo...
CSRF Defenses
• Some common defenses are not feasible in the browser binding
  • e.g. requiring a custom header on form posts
• Secret token: with each POST/GET, client must submit a token that is known only to the client and server
  • Can be cryptographically signed and include specific information such as target URL and session ID
How to transfer the token securely?
• Some common methods do not apply in the CMIS use case
  • e.g. server inserts token directly into generated form HTML
  • Too easy to work around browser restriction on cross-site GET
• Option 1: Can safely return token from an authentication call
  • Client can store token in, e.g., a cookie
  • Problematic when SSO is enabled or CMIS repo delegates authentication to a container
• Option 2: IFRAME postMessage() technique