Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
JavaScript Security

You're reading from   JavaScript Security Learn JavaScript security to make your web applications more secure

Arrow left icon
Product type Paperback
Published in Nov 2014
Publisher
ISBN-13 9781783988006
Length 112 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Eugene Liang Eugene Liang
Author Profile Icon Eugene Liang
Eugene Liang
Arrow right icon
View More author details
Toc

Other examples of CSRF

CSRF can also happen in many other ways. In this section, we'll cover the other basic examples on how CSRF can happen.

CSRF using the <img> tags

This is a classic example. Consider the following instance:

<img src=http://yousite.com/delete?id=2 />

Should you load a site that contains this img tag, chances are that a piece of data may get deleted unknowingly.

Now that we have covered the basics of preventing CSRF attacks through the use of CSRF tokens, the next question you may have is: what if there are times when you need to expose an API to an external app? For example, Facebook's Graph API, Twitter's API, and so on, allow external apps not only to read, but also write data to their system.

How do we prevent malicious attacks in this situation? We'll cover this and more in the next section.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime