CSRF and CORS Explained

This video briefly explains concepts around Cross-Site Request Forgery (CSRF), the web's Same-Origin Policy, and Cross Origin Resource Sharing (CORS) through examples and illustrations.

CSRF and CORS are two common vulnerabilities that allow attackers to inject malicious code into your website. This code can then be used to steal your login credentials or access sensitive data on your website.

In this video, we'll explain how CSRF and CORS work and how to protect yourself from these vulnerabilities. We'll also overview some common attacks that use these vulnerabilities and how to prevent them. So don't wait – watch this video and learn how to protect yourself from CSRF and CORS attacks!

What thoughts do you have? Leave us a comment and subscribe!

Chapters
00:00 Intro
00:40 What is Cross-Site Request Forgery (CSRF)?
01:24 The Same-Origin Policy
02:12 What is an "Origin"?
02:45 Cross Origin Resource Sharing (CORS)
05:43 Is Cross-Site Request Forgery (CSRF) still an issue?
06:08 Mitigation Steps Against Cross-Site Request Forgery (CSRF)
07:49 Conclusion

Comments

Thanks bro... it's easier to grasp the basics

unnaipoloruvan

Good speaker and clear explanation. You are a star!

marksaravi

That was a great and very articulate description. Thank you

bbstriker

All this time I never really made an effort to know more about CORS; anytime I encounter the CORS warning I just say hey, backend guy, I'm getting a CORS error, fix it 😂. It's great learning about it, so thanks for making this video. Also talking about Cross Site Request Forgery, which is my first time hearing or knowing about it.

favouritejome

Great content mate! Really enlightening, keep up the good work!

ejborba

Thanks for explaining this Dude. It totally makes sense.

premaseemjain

No better explanation needed buddy.. This is great 👍😊

anuonline

Great explanation man!!!! Thanks from Mauritius!

briansans-souci

For CSRF implementation, for each request, we need to call get CSRF token and then execute the core action call along with the returned token?
In terms of performance, do we have any other option? Because currently, each core method call will be 2 network calls?

abhijithsj

Can you please talk about CSR vs SSR whenever convenient 🙌

gaurabsarkar

This is going to be a meme! Sorry Tejas. 2:26

shreshthmohan

I was struggling to understand these concepts, and now that I finally understood, I think that your explanation is not right. Same origin policy (SOP) or CORS may prevent other sites from opening a page with content, actually from reading the response... but it does not prevent sending the request. So that is why CORS does not save us from CSRF, because if someone wants to perform an attack he is interested only in the POST request.

MarinaMarina-frex

CORS and CSRF are different, CORS does not protect against CSRF, Origin and sites are totally different concepts bro. Even with all CORS protection in place CSRF attacks are still prevalent

lifeofsq
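
The distinction raised in the last comments, shown as an added example (not taken from the video): a plain cross-site form POST reaches the server and runs the handler whether or not CORS lets the calling page read the reply, so the check has to happen server-side. The origins `bank.example` and `evil.example`, the `x-csrf-token` header, the function names, and a session cookie that the browser attaches cross-site are all assumptions; the request objects are constructed.

```javascript
const crypto = require('node:crypto');

const TRUSTED_ORIGIN = 'https://bank.example'; // assumed origin of the real site
const sessions = new Map();                    // sid -> { csrfToken, balance }

// The token is minted once per session, so it adds no extra round trip per request.
function login() {
  const sid = crypto.randomBytes(16).toString('hex');
  sessions.set(sid, { csrfToken: crypto.randomBytes(32).toString('hex'), balance: 100 });
  return sid;
}

// Before: no CORS headers are returned, so a foreign page cannot read the reply,
// but the browser still delivered the form POST and the handler has already run.
function transferNaive(req) {
  const s = sessions.get(req.cookies.sid);
  if (!s) return { status: 401 };
  s.balance -= Number(req.body.amount);
  return { status: 200 };
}

// Constant-time comparison of the submitted token with the session's token.
function sameToken(a, b) {
  const x = Buffer.from(String(a)), y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// After: reject on the server, before any state changes.
function transferHardened(req) {
  const s = sessions.get(req.cookies.sid);
  if (!s) return { status: 401 };
  if (req.headers.origin !== TRUSTED_ORIGIN) return { status: 403 };
  if (!sameToken(req.headers['x-csrf-token'] || '', s.csrfToken)) return { status: 403 };
  s.balance -= Number(req.body.amount);
  return { status: 200 };
}

// Constructed requests: what the server sees from a cross-site form vs. the site's own page.
function demo() {
  const sid = login();
  const s = sessions.get(sid);
  const crossSite = { cookies: { sid }, headers: { origin: 'https://evil.example' }, body: { amount: '40' } };
  const ownPage = { cookies: { sid }, headers: { origin: TRUSTED_ORIGIN, 'x-csrf-token': s.csrfToken }, body: { amount: '10' } };
  const naive = transferNaive(crossSite).status;
  const afterNaive = s.balance;
  const blocked = transferHardened(crossSite).status;
  const allowed = transferHardened(ownPage).status;
  return { naive, afterNaive, blocked, allowed, finalBalance: s.balance };
}
```

`demo()` returns the status codes and balances for each case: the naive handler debits the account on the cross-site request, while the hardened one refuses it and still serves the site's own page.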