SameSite Cookie

Qunar Tech Salon

Oct 19, 2018 · Information Security

CSRF Attacks: Mechanisms, Real‑World Examples, and Defense Strategies

This article explains the background and risks of Cross‑Site Request Forgery (CSRF) attacks, illustrates real‑world exploitation scenarios, and provides comprehensive defense techniques such as origin/referrer checks, CSRF tokens, double‑cookie verification, SameSite cookies, and best practices for developers and security teams.