Join Jess Chadwick for an in-depth discussion in this video Avoid cross-site request forgery, part of Learning ASP.NET Core MVC.
- [Narrator] Whenever you have portions of an application…important enough that they need to be secured…you've now got to start considering attackers…who will want to break through that security…and access your application through nefarious means.…There are many techniques that attackers use…in order to gain access to sites…but one of the most popular techniques…is the cross-site request forgery attack.…Accordingly, ASP.NET Core MVC provides us a way…to help guard against this attack.…The cross-site request forgery attack…also known as a CSRF, or C surf attack…describes a situation in which an attacker…is able to get ahold of your legitimately…authenticated session and begin sending commands…and submitting data with requests that identify as you.…
Perhaps the most popular implementation of this technique…is for an attacker to create a page…on their site that induces the user to submit…a request to your site.…This request is now sent to your application…as the target user but the attacker…now has complete control over the content…
Author
Released
12/6/2016- Building blocks of ASP.NET Core applications
- Creating a new project
- Responding to HTTP requests
- Serving static files
- Understanding the MVC pattern
- Handling requests with controllers
- Routing
- Rendering HTML with Razor
- Rendering data, view markup, and view logic
- Creating HTML forms
- Validating form data
- Reading and writing from a database with Entity Framework
- Improving the user experience
- Exposing data with a web API
- Securing your ASP.NET application
Skill Level Intermediate
Duration
Views
Related Courses
-
C#: Design Patterns
with Reynald Adolphe1h 22m Intermediate -
Tooling with NPM Scripts
with Ray Villalobos1h 21m Intermediate
-
Introduction
-
Welcome1m 16s
-
What you should know2m 6s
-
Challenges1m 11s
-
-
1. The Basics
-
Create a new project5m 14s
-
Respond to HTTP requests5m 32s
-
Serve static files3m 9s
-
Use custom configuration4m 42s
-
2. The Model-View-Controller (MVC) Pattern
-
Understand routing4m 24s
-
3. Render HTML with Views
-
Render HTML with Razor3m 51s
-
Challenge1m 29s
-
Solution1m 48s
-
-
4. Work with Data
-
Validate form post data5m 55s
-
Challenge44s
-
Solution1m 45s
-
5. Improve User Experience with Ajax and Web APIs
-
Expose web API endpoints4m 7s
-
Challenge31s
-
Solution2m 12s
-
6. Secure Your Application
-
Conclusion
-
Next steps1m 42s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Avoid cross-site request forgery