Cross Site Request Forgery

Cross Site Request Forgery (CSRF/XSRF) is a kind of attack in which the attacker tricks the victim into performing unwanted actions, such as authorizing a bank transfer or stealing sensitive information.
FortKnoxster prevents CSRF vulnerabilities by including a unique session token on each HTTP request and a special XSRF cookie.
Furthermore, the FortKnoxster session cookie is encrypted with 256-bit AES-CBC, and a MAC is computed over it using the HMAC function, taking a server key as input.
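
One way a server can enforce a per-request token paired with an XSRF cookie, shown as an added example that is not FortKnoxster's own code. The token format, the use of HMAC-SHA256, and the names `issue_xsrf_token` and `verify_request` are assumptions; cookie encryption is left out.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret known only to the server


def _mac(key: bytes, session_id: str, nonce: str) -> str:
    # Bind the token to one session so it cannot be replayed under another.
    msg = f"{len(session_id)}:{session_id}|{nonce}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue_xsrf_token(session_id: str, key: bytes = SERVER_KEY) -> str:
    """Value for the XSRF cookie: '<nonce>.<mac>' (hypothetical format)."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(key, session_id, nonce)}"


def verify_request(session_id, cookie_token, header_token, key=SERVER_KEY) -> bool:
    """Allow a state-changing request only if the token sent with the request
    matches the XSRF cookie and the MAC is valid for this session."""
    if not cookie_token or not header_token:
        # A forged cross-site request carries the cookie automatically,
        # but the attacker's page cannot read it to fill in the request token.
        return False
    if not hmac.compare_digest(cookie_token.encode(), header_token.encode()):
        return False
    nonce, sep, mac = cookie_token.partition(".")
    if not sep or len(nonce) != 32:
        return False
    expected = _mac(key, session_id, nonce)
    return hmac.compare_digest(mac.encode(), expected.encode())


if __name__ == "__main__":
    # Constructed sample requests for a session id "sess-A".
    token = issue_xsrf_token("sess-A")
    print("same-site request:", verify_request("sess-A", token, token))
    print("cross-site request, no token:", verify_request("sess-A", token, None))
    print("token from another session:", verify_request("sess-B", token, token))
```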

More information about Cross Site Request Forgery: