CSRF attack defense strategies and implementation methods-PHP Tutorial-php.cn

CSRF attack defense strategies and implementation methods

WBOY

Release： 2023-08-10 18:50:01

Original

1123 people have browsed it

CSRF attack defense strategies and implementation methods

With the continuous development of network technology, network security risks have also increased. Cross-site request forgery (CSRF) attacks have become one of the major threats facing current Internet applications. This article will introduce the basic principles of CSRF attacks, as well as commonly used defense methods, and further explain their implementation methods, with relevant code examples.

CSRF attack principle

CSRF attack uses the user's authenticated session to perform malicious operations. Attackers induce users to click on malicious links or visit malicious websites, causing them to send forged requests without the victim's knowledge. When a user logs in to a trusted website and is successfully authenticated, the browser will automatically carry the corresponding identity credentials when sending a request, allowing an attacker to impersonate the user and send requests to perform malicious operations.

Defense Strategy

(1) Same-origin detection

Original detection is one of the common means of defending against CSRF attacks. By comparing the requested The method to determine whether the source and destination addresses belong to the same domain name is to determine the legitimacy of the request. Verification is performed on the server side, and if the source domain name and target domain name are inconsistent, the request is rejected.

Sample code:

@RequestMapping("/transfer")
public String transferMoney(HttpServletRequest request) {
    String origin = request.getHeader("Referer");
    String target = request.getServerName();
    
    if(!origin.equals(target)) {
        return "Illegal Request";
    }
    
    // 业务逻辑处理...
    return "Transfer Successful";
}

Copy after login

(2) Add CSRF Token

Adding CSRF Token is also one of the commonly used defense methods. When the server returns the HTML page, it generates a unique Token and embeds it in the form or sends it to the client as a cookie. When the form is submitted, the Token is sent to the server. The server verifies whether the token matches, and rejects the request if it does not match.

Sample code:

@RequestMapping("/transfer")
public String transferMoney(HttpServletRequest request, 
        @RequestParam("csrfToken") String csrfToken) {
    
    HttpSession session = request.getSession();
    String storedToken = (String) session.getAttribute("csrfToken");
    
    if (!csrfToken.equals(storedToken)) {
        return "Invalid Token";
    }
    
    // 业务逻辑处理...
    return "Transfer Successful";
}

Copy after login

(3) Synchronous request and asynchronous request

Asynchronous request uses AJAX and other technologies to send a request to the server without refreshing the page. This This makes CSRF attacks difficult to prevent. Therefore, for requests involving sensitive operations, it is best to use synchronous requests so that a more reliable session can be established with the server.

Implementation method

(1) Verify the request source and add origin detection

In the back-end service, obtain the Referer field of the request header , based on the background logic to determine whether the request is legal. If the request source is inconsistent with the target, the request is rejected.

Sample code:

@RequestMapping("/transfer")
public String transferMoney(HttpServletRequest request) {
    String origin = request.getHeader("Referer");
    String target = request.getServerName();
    
    if(!origin.equals(target)) {
        return "Illegal Request";
    }
    
    // 业务逻辑处理...
    return "Transfer Successful";
}

Copy after login

(2) Add CSRF Token

When sending the HTML page to the front end, generate a unique Token and embed it into the form or Sent to the client as a cookie. When the front-end submits a request, it sends the Token to the server, and the server verifies whether the Token matches to determine the legitimacy of the request.

Sample code:

@RequestMapping("/transfer")
public String transferMoney(HttpServletRequest request, 
        @RequestParam("csrfToken") String csrfToken) {
    
    HttpSession session = request.getSession();
    String storedToken = (String) session.getAttribute("csrfToken");
    
    if (!csrfToken.equals(storedToken)) {
        return "Invalid Token";
    }
    
    // 业务逻辑处理...
    return "Transfer Successful";
}

Copy after login

Summary

CSRF attack is a common and harmful attack method, but through some effective defense strategies Can improve application security. This article introduces two commonly used defense methods, namely origin detection and adding CSRF Token, and also provides sample code for the implementation method. When developing applications, we should choose appropriate defense strategies based on specific circumstances and implement them correctly to ensure the security of user data.

The above is the detailed content of CSRF attack defense strategies and implementation methods. For more information, please follow other related articles on the PHP Chinese website!