CSRF Attack

Cross-Site Request Forgery Attack

Intermediate · Security · 1 min read
Tags: csrf-attack, csrf, cross-site-request-forgery, xsrf

Definition

An attack that tricks an authenticated user's browser into making an unwanted request to a site the user is logged into, executing actions without their knowledge.

Why It Matters

Next.js API routes that use `SameSite=Lax` cookies are only partially protected against CSRF; state-changing (stateful) mutations should still use CSRF tokens for full protection.

Full Definition

Cross-Site Request Forgery (CSRF) exploits the fact that browsers automatically include cookies with every request to a domain. An attacker embeds a malicious request on another site (for example `<img src='https://bank.com/transfer?to=attacker&amount=1000'>`), and when the victim visits that page, their browser sends the request together with their session cookie. Prevention: CSRF tokens (a secret value included in forms and verified server-side), the SameSite cookie attribute (`SameSite=Strict` or `Lax`), and checking the `Origin`/`Referer` header.

Example Usage

Next.js API routes that use `SameSite=Lax` cookies are only partially protected against CSRF; state-changing (stateful) mutations should still use CSRF tokens for full protection.

Knowledge Graph

Common mistakes to avoid when defending against CSRF:

1. Using GET requests for state-changing operations → CSRF is trivially exploited via image tags against GET endpoints. Use GET only for read-only operations.

2. Relying only on checking the Referer header → It can be stripped by privacy tools and is not reliable. Use SameSite cookies and CSRF tokens instead.

3. Thinking a JWT sent in the Authorization header is immune → It is, but only if the JWT is stored in memory rather than in a cookie. A cookie-stored JWT is attached automatically by the browser and still needs CSRF protection.
