Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Andrey Salnikov2017-06-23 13:08:42
JavaScript
Andrey Salnikov, 2017-06-23 13:08:42

What to do with CSRF?

I want to authorize on the site using request-promise. But the site has CSRF tokens.
I do this - request to the page, take the token and again make a request to the same page, but with all the data. The answer is CSRF attack detected. What to do and in which direction to dig?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexander Aksentiev, 2017-06-23
@Sanasol

In such a scenario, it seems to be generally possible to simply turn it off.
The whole point of CSRF is to make it so easy to slap a request to someone else's site.
And in such a scenario, it turns out to throw a request twice = protection passed. Well, if it worked the way you wanted it to.

Similar questions
S
Sergey Burduzha2021-03-25 12:00:33
Why is a fetch request not working? 3Reply
P
P_Alexander2019-09-13 08:14:10
I downloaded the file and it is written to stdout, how can I drive it into a file now? 2Reply
A
arsfilinov2021-03-30 10:35:53
How to display a variable in a picture Python? 2Reply
A
alex_ak12017-04-17 15:21:44
How to request a certificate for an RDP server? 2Reply
D
Dean Ex2015-04-25 17:09:57
Does the headphone plug affect the sound quality? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question