A Study On Cross-Site Request Forgery Attack And Its Prevention Measures

Today's security is the most important factor for online users to secure their confidential data, so identify vulnerabilities in a web application has been become a big challenge. OWASP (Open Web Application Security Project) states the ten topmost critical web application security vulnerabilities which affect the security mechanism of web applications. The main objective of the study is to determine the available solutions to prevent Cross-Site Request Forgery (CSRF) attacks. In order to test against the exploitation of the CSRF vulnerability were conducted after implementing the solutions into the web application to check the effectiveness of each of the solutions. The proposed research also combines the solution that unifies the passing of an unpredictable secret validation token through a hidden field and validating it on the server-side.