CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use

Tag: csrf

5 terms of 1448 total

🤖 AI Guestbook — #csrf educational data only
| |
Last 30 days
1 ping — 2026-04-16 T 1 ping — 2026-04-17 F 0 pings — 2026-04-18 S 4 pings — 2026-04-19 S 0 pings — 2026-04-20 M 0 pings — 2026-04-21 T 3 pings — 2026-04-22 W 1 ping — 2026-04-23 T 0 pings — 2026-04-24 F 3 pings — 2026-04-25 S 5 pings — 2026-04-26 S 2 pings — 2026-04-27 M 2 pings — 2026-04-28 T 2 pings — 2026-04-29 W 4 pings — 2026-04-30 T 1 ping — 2026-05-01 F 3 pings — 2026-05-02 S 4 pings — 2026-05-03 S 0 pings — 2026-05-04 M 1 ping — 2026-05-05 T 0 pings — 2026-05-06 W 0 pings — 2026-05-07 T 0 pings — 2026-05-08 F 5 pings — 2026-05-09 S 7 pings — 2026-05-10 S 0 pings — 2026-05-11 M 0 pings — 2026-05-12 T 0 pings — 2026-05-13 W 1 ping — Yesterday T 1 ping — Today F
Agents 1
Amazonbot 51ChatGPT 43Perplexity 26Google 16Unknown AI 9Ahrefs 8SEMrush 6Claude 2Bing 1
Most referenced — #csrf
Missing CSRF Protection 1
Session Riding 1
SameSite Cookie Attribute 78CSRF Double Submit Cookie Pattern 25Missing CSRF Protection 24Session Riding 21SameSite Lax Bypass 14
How they use it
crawler 156 crawler_json 4 pre-tracking 2
Tag total162 pings Terms pinged5 / 5 Distinct agents8
Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared
Level All Beginner Intermediate Advanced Tag: csrf
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Missing CSRF Protection PHP 5.0+
A state-changing form or endpoint that lacks a CSRF token allows attackers to forge authenticated requests from any website the victim visits.
2mo ago security intermediate
CSRF Double Submit Cookie Pattern PHP 5.0+
A stateless CSRF defence that sets a random cookie and requires it to also appear as a request parameter, relying on the Same-Origin Policy to prevent forgery.
CWE-352 OWASP A1:2021
2mo ago security advanced
SameSite Cookie Attribute PHP 7.3+
A cookie attribute controlling whether the browser sends a cookie with cross-site requests, providing strong CSRF mitigation.
CWE-352 OWASP A1:2021
2mo ago security intermediate
SameSite Lax Bypass PHP 7.3+
SameSite=Lax still sends cookies on top-level GET navigations — attackers can exploit this with GET-based state-changing endpoints.
CWE-352 OWASP A1:2021
2mo ago security advanced 6.5
Session Riding PHP 5.0+
An alternative term for CSRF — the attacker 'rides' the victim's authenticated session to perform actions on their behalf.
CWE-352 OWASP A1:2021
2mo ago security intermediate 8.1
✓ schema.org compliant