Are JSON web services vulnerable to CSRF attacks?

后端未结

关注

 5  1466

故里飘歌 2020-12-02 06:06

I am building a web service that exclusively uses JSON for its request and response content (i.e., no form encoded payloads).

Is a web service vulnerable to

5条回答

不知归路 (楼主)

2020-12-02 06:22

Is a web service vulnerable to CSRF attack if the following are true?

Yes. It's still HTTP.

Are PUT and DELETE requests ever vulnerable to CSRF?

Yes

it seems that most (all?) browsers disallow these methods in HTML forms

Do you think that a browser is the only way to make an HTTP request?

0 讨论(0)

查看其它5个回答

发布评论:

提交评论

加载中...

验证码

看不清?

提交回复