CSRF攻击由一个入侵站点的恶意代码发起,该代码欺骗浏览器,使其将无关的请求传输到一个受信任站点。
CSRF attacks originate from malicious code from an intruder site that tricks a browser into transmitting unprovoked requests to a trusted site.
该安全性模型允许管理员以一种非常灵活的方式,来限制对受信任站点的访问。
This security model allows administrators to restrict access to trusted origins in a very flexible way.
例如,Mallory编写了一个脚本,会将用户发送到Alice创建的一个受信任的Web站点。
For instance, Mallory writes a script that sends users to a trusted Web site created by Alice.
例如,Mallory编写了一个脚本,会将用户发送到Alice创建的一个受信任的Web站点。
For instance, Mallory writes a script that sends users to a trusted Web site created by Alice.
应用推荐