Review of "Robust defenses for cross-site request forgery" by A. Barth, C. Jackson, J. Mitchell

Zheng Gong

    Research output: Contribution to journalBook/Film/Article reviewAcademic


    Cross-site attacks are widely used to exploit Web site vulnerability. Barth, Jackson, and Mitchell present in this paper a detailed description of cross-site request forgery (CSRF), a specific kind of cross-site attack. CSRF allows the attacker to forge a valid request to a Web site by redirecting the user. The authors also discuss the existing defenses against CSRF and suggest “modifying browsers to send an origin header with POST requests that identifies the [source] that initiated the request.“ The paper is well written and the references are up to date. The paper should be valuable to professionals in the Internet security area.
    Original languageUndefined
    Pages (from-to)CR137694
    JournalComputing reviews
    Publication statusPublished - 4 Feb 2010


    • EWI-17433
    • METIS-270730
    • SCS-Cybersecurity
    • CR-D.4.6

    Cite this