The Latest in IT Security

Mozilla Adding New CSRF Protection to Firefox

27
Apr
2018
Mozilla Adding New CSRF Protection to Firefox

mozilla-announces-firefox-60-as-next-esr-extended-support-release-branch-519107-2

Mozilla announced this week that the upcoming Firefox 60 will introduce support for the same-site cookie attribute in an effort to protect users against cross-site request forgery (CSRF) attacks.

CSRF attacks allow malicious actors to perform unauthorized activities on a website on behalf of authenticated users by getting them to visit a specially crafted webpage. These types of attacks leverage the fact that every request to a website includes cookies and many sites rely on these cookies for authentication purposes.

Mozilla has pointed out that the current web architecture does not allow websites to reliably determine if a request has been initiated legitimately by the user or if it comes from a third-party script.

Read More

Leave a reply


Categories

THURSDAY, JULY 19, 2018

Featured

Archives

Latest Comments

Social Networks