Search Interview Questions
| More than 3000 questions in repository.|
There are more than 900 unanswered questions.
Click here and help us by providing the answer.
Have a video suggestion.
Click Correct / Improve and please let us know.
|Security - Interview Questions and Answers for 'Csrf token.csrf attack' - 1 question(s) found - Order By Newest|
|Ans. A CSRF token is a unique, secret, unpredictable value that is generated by the server-side application and transmitted to the client in such a way that it is included in a subsequent HTTP request made by the client. When the later request is made, the server-side application validates that the request includes the expected token and rejects the request if the token is missing or invalid.|
CSRF tokens can prevent CSRF attacks by making it impossible for an attacker to construct a fully valid HTTP request suitable for feeding to a victim user. Since the attacker cannot determine or predict the value of a user's CSRF token, they cannot construct a request with all the parameters that are necessary for the application to honor the request.
|Help us improve. Please let us know the company, where you were asked this question :|
|Like Discuss Correct / Improve  csrf token.csrf attack|
|Difference between == and .equals() ?|
|Why is String immutable in Java ?|
| Explain the scenerios to choose between String , StringBuilder and StringBuffer ?|
What is the difference between String , StringBuilder and StringBuffer ?
|What are the difference between composition and inheritance in Java?|
|Does garbage collection guarantee that a program will not run out of memory?|
|Why Char array is preferred over String for storing password?|
|What are different ways to create String Object? Explain.|
|Why do we need Inner classes ? Cant we just work with outer classes wherever we implement Inner classes ?|
|What is the difference between declaration, instantiation and initialization ?|
|What is the difference between Encapsulation and Abstraction?|