dorkahemp972157683
2019-01-14 16:19
Views: 127
Accepted

What is the point of CSRF token protection?

I have read a lot about this and I still don't understand it. Let's say I have a domain with a form available only for authenticated users to post comments on some kind of content:

my_form.php

<form action="post_comment.php" method="post">
  <textarea name="comment"></textarea>
  <input type="hidden" name="csrf_token" value="<?php print $csrf_token; ?>" />
  <input type="submit" value="Post" />
</form>

post_comment.php

<?php

  // Reject the request unless a token was submitted and it validates
  // against the token stored for the current session.
  if(!isset($_POST['csrf_token']) || !CSRFToken::validate($_POST['csrf_token'])){
    print "Invalid CSRF-Token!";
    exit;
  }
  [...]
?>

The post_comment.php will reject any request if the "csrf_token" value is not sent or is not valid. So we are preventing attackers from using our post_comment.php.

BUT how do we prevent the attacker from doing a GET on /my_form.php, reading the csrf_token value from the form and POSTing to post_comment.php using it? What am I missing?
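An added example, not from the question or any answer, written in Python rather than PHP so it runs without a web server: it simulates the two scripts above with an in-memory session store, and the names login, get_my_form, post_comment and scenario are assumptions. It shows why fetching my_form.php does not help the attacker: the token handed out is bound to the session of whoever fetched it, while a forged cross-site request is sent by the victim's browser with the victim's cookie and no matching token.

```python
import hmac
import secrets

# Constructed in-memory session store standing in for PHP's $_SESSION:
# maps the session id (the cookie value) to per-session data.
SESSIONS = {}

def login(username):
    """Create an authenticated session and mint a per-session CSRF token."""
    sid = secrets.token_hex(16)   # the session cookie the browser will send
    SESSIONS[sid] = {"user": username, "csrf_token": secrets.token_hex(32)}
    return sid

def get_my_form(sid):
    """my_form.php: only an authenticated session gets a form, and the token
    embedded in it is the one stored in *that* session."""
    sess = SESSIONS.get(sid)
    if sess is None:
        return None               # redirect to login; no token is handed out
    return {"csrf_token": sess["csrf_token"]}

def post_comment(sid, form):
    """post_comment.php: the submitted token must equal the token of the
    session identified by the cookie that arrived with the request."""
    sess = SESSIONS.get(sid)
    if sess is None:
        return "not authenticated"
    token = form.get("csrf_token")
    if token is None or not hmac.compare_digest(token, sess["csrf_token"]):
        return "Invalid CSRF-Token!"
    return "comment posted as " + sess["user"]

def scenario():
    """Walk through the situation the question asks about."""
    victim, attacker = login("victim"), login("attacker")
    results = {}
    # Victim's browser fetches the form and submits it with the same cookie.
    token = get_my_form(victim)["csrf_token"]
    results["victim_normal"] = post_comment(victim, {"csrf_token": token})
    # Attacker fetches my_form.php from their own browser: they do get a
    # token, but it belongs to the attacker's session, not the victim's.
    attacker_token = get_my_form(attacker)["csrf_token"]
    # A cross-site POST triggered from the attacker's page is sent by the
    # victim's browser, so it carries the victim's cookie; the only token
    # the attacker can embed in it is their own, which does not match.
    results["cross_site_attacker_token"] = post_comment(victim, {"csrf_token": attacker_token})
    # The classic CSRF: an auto-submitted form with no token at all.
    results["cross_site_no_token"] = post_comment(victim, {})
    # Fetching my_form.php without the victim's cookie yields no token, and the
    # same-origin policy stops attacker script from reading it with that cookie.
    results["unauthenticated_get"] = get_my_form("no-such-session")
    return results
```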

2 answers
