Quick Answer
CSRF (Cross-Site Request Forgery) tricks a logged-in user into submitting a request they did not intend. Prevent it with CSRF tokens: generate a unique token per session, embed it in forms, and verify it on submit. Frameworks handle this automatically. Also set the SameSite=Strict or SameSite=Lax cookie attribute. CSRF attacks exploit the fact that browsers automatically send cookies with cross-origin requests.
Answer
CSRF tricks users into performing unintended actions. Prevent it with CSRF tokens, SameSite cookies, and Referer header validation.
SugharaIQ Editorial Team
Verified Answer
This answer has been peer-reviewed by industry experts holding senior engineering roles to ensure technical accuracy and relevance for modern interview standards.