csrf
- abbr.军营食品店备用资金(Commissary Store Reserve Fund)
-
Some variants use CSRF to pre-load data in forms , some don 't.
一些变种使用CSRF预先加载数据到表单,有些则没有。
-
In a CSRF attack , your users can easily become unsuspecting accomplices .
在CSRF攻击中,您的用户可以轻易地成为预料不到的帮凶。
-
If you know nothing about XSS or CSRF , take the time to learn more about these security vulnerabilities .
如果你知道什么的XSS或CSRF的,花时间去学习更多的有关这些安全漏洞。
-
In CSRF attacks , unauthorized commands are transmitted from a user that the Web site trusts .
在CSRF攻击中,从Web站点信任的用户处传播未经授权的命令。
-
A mashup application or page must address CSRF , Ajax vulnerabilities , XSS , and other potential security weaknesses .
mashup应用程序或页面必须解决CSRF、Ajax漏洞、XSS和其他潜在的安全漏洞。
-
Finally , make sure your PHP code is resilient to XSS attacks , form spoofs , and CSRF attacks .
最后,确保PHP代码可以抵抗XSS攻击、表单欺骗和CSRF攻击。
-
One technique intruders use to initiate a CSRF attack is to embed a URL within the src attribute of an tag .
入侵者发动CSRF攻击所使用的一种技术是将一个URL嵌入到标记的src属性中。
-
To guard yourself against CSRF , use the one-use token approach you use in your habit of verifying form posts .
为了保护您免受CSRF攻击,需要使用在检验表单post时使用的一次性标记方法。
-
Every edit operation must be accompanied by a token , which ensures the validity of the user request and protects against CSRF attacks .
每个编辑操作必须伴有一个令牌,这可确保用户请求的有效性,并抵御CSRF攻击。
-
As CSRF didn 't fit the requirements for clickjacking , we had to come up with a new term to avoid confusion .
由于CSRF不适合点击劫持的要求,我们不得不想出一个新名词,以避免混乱。
-
Cross-Site Request Forgeries ( CSRF attacks ) are exploits that take advantage of user privileges to carry out an attack .
跨站点请求伪造(CSRF攻击)是利用用户权限执行攻击的结果。
-
The server will assume that any requests that lack the correct value in the Request-Token header are CSRF attack attempts and will reject them .
服务器将假设Request-Token头部中缺乏正确的值的任何请求都是CSRF攻击企图并将拒绝它们。
-
CSRF ( Cross Site Request Fogery ) allows attackers to bypass cookie based authentication . I blogged about it a while ago .
一个是CSRF(CrossSiteRequestForgery,跨站点伪造请求攻击),它允许攻击者绕过基于cookie的身份认证,前些天我曾在Blog上介绍过这种攻击。
-
You can typically prevent CSRF attacks by requiring that a unique token or cookie be passed with every request , which can be done with Dojo .
您通常可以通过要求每个请求在发送时传递一个惟一的令牌或cookie来阻止CSRF攻击,这可以通过Dojo来完成。
-
With DWR we use full JavaScript which is as vulnerable as JSON , however DWR 's CSRF protection automatically uses the doubly-submitted cookie pattern to provide extra safety .
有了DWR,虽然我们使用的是纯JavaScript它与JSON一样脆弱,但是DWR的CSRF保护能自动使用双重提交cookie模式来提供额外的保护。
-
The browser 's same-origin policy does not prevent CSRF attacks because the attack requests are transmitted to the same origin in proxy for the intruding third-party site .
浏览器的同源策略无法阻止CSRF攻击,因为攻击请求被传输到第三方入侵站点的代理中相同的源。
-
In addition to handling traditional threats , a mashup application or web page must address such issues as cross-site scripting ( XSS ) and cross-site request forgery ( CSRF ), among others .
除了处理传统威胁外,混搭应用程序或web页面必须解决跨站点脚本编写(XSS)和跨站点请求伪造(CSRF)等问题。
-
You can prevent this type of CSRF attack if the server at mybank avoids the use of HTTP GET requests to initiate changes and , instead , uses only POST requests to initiate changes .
如果mybank的服务器避免使用HTTPGET请求来发起更改,而是只使用POST来发起更改,那么您可以阻止这种类型的DSRF攻击。