Cross Site Request Forgery
Cross Site Request Forgery (CSRF/XSRF) is a special kind of attack in which the attacker tricks the victim into performing unwanted actions, such as authorizing a bank transfer or stealing sensitive information.
FortKnoxster prevents CSRF vulnerabilities by including a unique session token on each HTTP request and a special XSRF cookie.
Furthermore, the FortKnoxster session cookie is encrypted with 256-bit AES-CBC, and a MAC is computed using the HMAC function, taking a server key as input.
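A server-side check of the token-plus-cookie scheme described above can look like the following. This is an added example, not FortKnoxster's code: the cookie name `XSRF-TOKEN`, the header name `X-XSRF-TOKEN`, the `nonce.mac` token layout and the session-bound HMAC-SHA256 are assumptions, and the AES-CBC encryption of the session cookie is left out.

```python
import hashlib
import hmac
import secrets

# Constructed server-side key; a real deployment loads this from a secret store.
SERVER_KEY = secrets.token_bytes(32)


def issue_xsrf_token(session_id: str, key: bytes = SERVER_KEY) -> str:
    """Return 'nonce.mac', where mac = HMAC-SHA256(key, session_id | nonce)."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(key, f"{session_id}|{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_request(session_id: str, cookies: dict, headers: dict,
                   key: bytes = SERVER_KEY) -> bool:
    """Accept a state-changing request only if the XSRF cookie and header
    match and the token's MAC is valid for this session."""
    cookie_token = cookies.get("XSRF-TOKEN", "")
    header_token = headers.get("X-XSRF-TOKEN", "")
    if not cookie_token or not header_token:
        return False
    # Double-submit check: a cross-site page can make the browser send the
    # cookie, but cannot read it to copy the value into a header.
    if not hmac.compare_digest(cookie_token.encode(), header_token.encode()):
        return False
    nonce, sep, mac = header_token.partition(".")
    if not sep:
        return False
    expected = hmac.new(key, f"{session_id}|{nonce}".encode(), hashlib.sha256).hexdigest()
    # Binding the MAC to the session means a token minted for one session,
    # or a value planted in the cookie jar, is rejected for another session.
    return hmac.compare_digest(mac.encode(), expected.encode())


def demo() -> dict:
    """Run the check over constructed requests and return each outcome."""
    sid = "session-alice"  # constructed session identifier
    token = issue_xsrf_token(sid)
    forged = "00" * 16 + "." + "00" * 32  # constructed token with a bogus MAC
    return {
        "legitimate": verify_request(sid, {"XSRF-TOKEN": token}, {"X-XSRF-TOKEN": token}),
        "cross_site_no_header": verify_request(sid, {"XSRF-TOKEN": token}, {}),
        "planted_cookie": verify_request(sid, {"XSRF-TOKEN": forged}, {"X-XSRF-TOKEN": forged}),
        "other_session": verify_request("session-bob", {"XSRF-TOKEN": token}, {"X-XSRF-TOKEN": token}),
    }
```

Calling `demo()` shows that only the request carrying a matching cookie and header with a valid MAC for its own session is accepted.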
More information about Cross Site Request Forgery: