Interesting findings on CSRF (cross site request forgery)

-
Found an interesting use case where the orkut has missed out CSRF rules.

  • Login to orkut as User1 .
  • Update the status as <a href="/GLogin.aspx?cmd=logout">its good!</a>
  • Login as User2.
  • Go to User1's profile home and click on the status, you will be successfully logged out. :)

Should orkut does not support anchor tags in its status ??

Comments

Prashant said…
Are the status updates in Orkut sent to your friends also ?

Then your friends who click on this link in your status update also get logged out ?
October 21, 2008 at 12:05 AM
amar said…
The status updates shown on the friend's home will be encoded and non click able. so no problem. This scenario occurs only when the user access my home page and click on the status.
October 21, 2008 at 12:17 AM
csrrrrf said…
Hello Amar, I am RRR doing My M.Tech. I want to know more about this CSRF. can you please send me your additional work on CSRF. my mail id is csrrrrf@gmail.com
thanks
November 18, 2008 at 9:42 AM
Post a Comment

Popular posts from this blog

Proper way to have an anchor tag with onclick event

-
Anchor tags are one of the most common HTML tags used in pages. If the user right clicks on the anchor tag he/she will be provided with an option of 'Open in new Window/Open in new Tab'. This will happen only if the anchor has href attribute. Sometimes it is required to do some other action (like making ajax request) on click of the anchor link and also provide the right click option for the same anchor. Natural practice by web developers. <a href="javascript:void(0);" onclick="alert('i am here');">Click Me! </a> Click Me without link for anchor! Correct way to add anchor tags without losing anchor properties. <a href="http://www.blogger.com/amareswar.blogspot.com" onclick="alert('i am here'); return false;">Click Me! </a> Click Me! In the above link, you can observe that the user can right click on go to the respective link and onclick will do the custom action provided by the developer.
Read more

CORS issues with IE9 and workarounds

-
CORS(Cross-Origin-Resource-Sharing) is one of the features in HTML5 feature stack that enables a page to make AJAX requests to other domains. This feature is introduced to circumvent the Same-Origin-Policy . I am not discussing about CORS in detail here as there are lots of online resources available. I am working on a product where html files are served from one domain and back-end requests should be made to another domain (of course sub-domain) for security reasons and API clarity. Luckily we need to support browsers with HTML5 capabilities like Chrome > 14, Safari  > 5.0.5 , Firefox > 9, IE >8. I thought that IE9 is HTML5 complaint and promised to have support for it. I could have investigated a little bit  Application was implemented and we are running for release. Suddenly while going through entire flow we realized that IE9 is not making any CORS requests. From then on our hunt started. Searching blogs, articles, stackoverflow for solutions. I am her...
Read more

My FIRE Journey

-
Image
Welcome to my blog. Just to give some background about myself, I am Amar, working as Member of technical Staff in Paypal.  Moved to US in 2012 and have been staying here for 8 years. I have two boys one is 10 years and another one is 3 years old. "Idle money is like a radio-active material, its value depreciates over-time" I came to know above FIRE (Financial Independence and Retire Early) in 2013 while searching for investment opportunities. Let's jump into the topic. My goal was to be financially independent by 40. I just want to have the financial independent and perceive my interests instead of wasting my precious time churning out money for my family. The investments are broadly classified as the following categories Indian Real-estate - Stable and reliable and it never disappoints as long as the decision is good Indian stock market - Unreliable  US real estate - Very slow growth (non bay-area) with lots of wait times and a bit unreliable US stock ...
Read more