Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Artem00712018-02-06 18:18:00
Information Security
Artem0071, 2018-02-06 18:18:00

How and is it possible to make csfr protection on a separate web application?

There is a front written in vue (example.com)
And there is a separate laravel project used as api (api.example.com) (together with laravel passport)
How and is it possible to use CSFR protection here if these two "sites" are on different domains? As I understand it, this can only be arranged if they are physically in the same place. Is it so?
And if not, is there any other way to protect?
There is only CORS, but I don't know how much of a system protection it is.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
Dmitry Dart, 2018-02-06
@Artem0071

It can be done if you store the session and the CSRF tag in the database.

Similar questions
T
timafoxmf2014-01-03 14:57:04
What literature to choose for a global understanding of how PL and a computer work? 6Reply
K
kinjalik2014-01-03 15:29:43
Free runet based Mesh-network or runet i2p? 3Reply
A
alta772014-01-04 02:39:03
Q.88.queuev4.vk.com access to port 80. What is it? 1Reply
G
geart2016-03-31 10:12:31
How to attack and bypass the firewall? 1Reply
V
Vlad Golubev2014-01-12 22:44:11
How to protect an application from piracy? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question