CSRF Protection without Tokens or Hidden Form Fields
Exploring a modern, tokenless approach to CSRF protection using the Sec-Fetch-Site header in web frameworks.
Explains Cross-Site Request Forgery (CSRF) attacks, their impact on web applications using cookie authentication, and foundational defense concepts.
Explains the complex interplay between CORS, SameSite cookies, and CSRF attacks in cookie-based web authentication systems.
A clear, step-by-step guide explaining what CSRF attacks are, how they work, and the prerequisites needed for them to succeed.
A tutorial on integrating htmx with Django to delete list items without page reloads, including CSRF token handling.
A guide to simplifying integration tests for ASP.NET Core endpoints protected by antiforgery tokens using Application Parts.
Using ReSharper's Structural Search and Replace to find ASP.NET MVC action methods that need the ValidateAntiForgeryToken attribute for CSRF protection.
A guide for ASP.NET MVC Core developers on identifying and adding CSRF protection to an inherited codebase lacking security measures.
Mozilla introduces website assignment for Firefox Containers, allowing users to automatically open specific sites in isolated containers for enhanced privacy.
How to exclude specific routes from CSRF protection in the Laravel 5.1 PHP framework.
A guide to securing ASP.NET websites against common vulnerabilities like CSRF and XSS, covering code, configuration, and testing best practices.
Explains the AntiForgeryToken helper and ValidateAntiForgeryToken attribute in ASP.NET MVC Preview 5 for preventing cross-site request forgery attacks.