DRAFT DOCUMENT - WORK IN PROGRESS

Description

In short, CSRF abuses the trust relationship between browser and server. This means that anything that a server uses in order to establish trust with a browser (most often cookies, but also HTTP or even Windows Authentication) is exactly what allows CSRF to take place - but this only the first piece for a successful CSRF attack.

The second piece is a web form or request which contains parameters predictable enough that an attacker could craft his own malicious form/request which, in turn, would be successfully accepted by the target service. Then, usually through social engineering or XSS, the victim would trigger that malicious form/request submission while authenticated to the legitimate service. This is where the browser/server trust is exploited.

In order to prevent CSRF in ASP.NET, anti-forgery tokens (also known as request verification tokens) must be utilized.

These tokens are simply randomly-generated values included in any form/request that warrants protection. Note that this value should be unique for every actual form/request, not just for every type of form/request. This guarantees that every form/request is unique and, therefore, protected from CSRF.

Mitigation Examples

Coming soon...

Related Attacks

CSRF (Attack)[1]
CSRF (Full Wikipedia Article)[2]
XSS (Attack)[3]

Related Vulnerabilities

XSS[4]
Insecure Randomness[5]
Insecure Third-Party Domain Access[6]
Non-Cryptographic Pseudo-Random Number Generator[7]

Related Controls

.NET CSRF Guard[8]

Related Technical Impacts

Accountability[9]
Confidentiality[10]

References

CSRF Prevention (official ASP.NET blog)[11]
Relevant Stack Overflow question[12]