CSRF (Cross-Site Request Forgery) Defense
1. Check the standard headers to verify that the request is same-origin
a. The origin the request is coming from (source origin)
b. The origin the request is going to (target origin)
2. Check the CSRF token
a. Validate the cookie token and form token
Configure WebSEAL to validate the referer header of incoming HTTP requests
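The two checks above, written out as an added example (not code from the original post and not WebSEAL configuration): the source origin is taken from the Origin header, falling back to Referer, and compared with the target origin as a parsed scheme/host/port tuple rather than as a string prefix, then the cookie token is compared with the form token. Assumptions: headers, cookies and form fields arrive as plain dicts, the token is stored under the hypothetical name `csrf_token`, and the target origin comes from server configuration.

```python
import hmac
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def _origin(url):
    """Reduce a URL to a comparable (scheme, host, port) tuple, or None."""
    try:
        parts = urlsplit(url or "")
        port = parts.port or DEFAULT_PORTS.get(parts.scheme)
    except ValueError:  # malformed port or host
        return None
    if not parts.scheme or not parts.hostname or port is None:
        return None
    return (parts.scheme, parts.hostname, port)  # urlsplit lowercases both

def is_same_origin(headers, target_origin):
    """Step 1: compare the source origin with the target origin.

    Origin is used when present, Referer only as a fallback. A request
    with neither header, or with "Origin: null", is rejected.
    """
    source = _origin(headers.get("Origin") or headers.get("Referer"))
    return source is not None and source == _origin(target_origin)

def tokens_match(cookie_token, form_token):
    """Step 2: the token in the cookie must equal the token in the form."""
    if not cookie_token or not form_token:
        return False
    # Constant-time comparison so timing does not leak the token.
    return hmac.compare_digest(cookie_token.encode(), form_token.encode())

def allow_request(headers, cookies, form, target_origin):
    """Accept a state-changing request only if both checks pass."""
    # "csrf_token" is a hypothetical cookie/field name chosen for this example.
    return (is_same_origin(headers, target_origin)
            and tokens_match(cookies.get("csrf_token"), form.get("csrf_token")))
```

Comparing parsed tuples means a look-alike host such as `app.example.test.evil.example` does not pass, which a `startswith` check on the raw header would allow.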