frenchie
Reputation: 51917
anti-csfr with jquery.ajax and asp.net
I'm doing a lot of ajax calls to the server with jquery and I've been looking around but found no definitive solution other than this.
I was wondering if someone could detail the steps to take both on the server and on the client to make an asp.net application secure.
Thanks.
Upvotes: 1
Views: 101
Answers (1)
David
Reputation: 73554
The definitive guide to csrf protection can be found at the OWASP site here.
For .NET, they recommend the .NET CSRF Guard, which we use on our sites.
The OWASP site is an excellent resource for secure web development information. I strongly recommend it to anyone that isn't already familiar. A good place to start is the top 10 project.
Upvotes: 1
Related Questions
- jQuery Ajax calls and the Html.AntiForgeryToken()
- AJAX CSRF attacks and .Net MVC
- How to mitigate XSRF for ASP.NET MVC Ajax.ActionLink requests?
- MVC Ajax.BeginForm and Content Security Policy
- Prevent Cross Site Request Forgery in jQuery Ajax Call
- Preventing Cross-Site Request Forgery (CSRF) Attacks
- Preventing crf attacks on ajax requests in asp.net web forms
- How to handle CSRF attacks when using ajax post?
- Security exception with ASP.NET AJAX toolkit
- CSRF Protection in AJAX Requests using MVC2