WhiteListHelper.tags.merge %w(table td th)            # allow these tags through the white list
WhiteListHelper.tags.delete 'div'                     # but strip div elements
WhiteListHelper.attributes.merge %w(id class style)   # permit these attributes on allowed tags
Cross-Site Request Forgery
Cross-site request forgery (CSRF) is an obscure class of web attacks that exploit the
trust a web server places in a session cookie. Unfortunately, although the attack is
obscure, it is very real, and you must protect against it. This is the typical case in
security: the defender must defend against all possible points of attack, but the
attacker only has to pick his favorite one. Luckily, Rails provides tools to defend
against CSRF attacks, provided that you use a little common sense.
The basic flaw leading to a CSRF vulnerability is that a poorly designed site trusts
HTTP requests that come in with the proper authentication cookie, without taking
steps to ensure that the user actually authorized the action. In a CSRF attack, the
attacker's site convinces your browser to request some URI from the target site (the
vulnerable application), via one of several methods. Assume that you are already
authenticated to the target site, and it verifies that authentication through a cookie.
142 | Chapter 5: Security
Since a browser holding a cookie for the target site will send that cookie with each
request, the server receives the request and the cookie and performs the action.
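The defense the text alludes to is a per-session secret that the browser does not send automatically: a legitimate form from the target site embeds it, a forged cross-site request cannot. The following is an added simulation of that check, not Rails code and not from the book; the class, session store and `transfer` action are constructed for illustration.

```ruby
require 'securerandom'

# Constructed simulation of a synchronizer-token CSRF defense: the session
# cookie is attached to every request by the browser, but a state-changing
# action is only honored when the request also carries the per-session
# authenticity token that only the site's own pages can embed.
class CsrfProtectedApp
  SESSIONS = {}

  # Log in: create a session and mint its authenticity token.
  def self.login(user)
    session_id = SecureRandom.hex(16)
    SESSIONS[session_id] = { user: user, csrf_token: SecureRandom.hex(32) }
    session_id
  end

  # Token that a legitimate page of the target site embeds in its form.
  def self.form_token(session_id)
    SESSIONS.fetch(session_id)[:csrf_token]
  end

  # Handle a state-changing request. `cookie` is what the browser sends
  # automatically; `params` is the request body the originating page controls.
  def self.transfer(cookie:, params:)
    session = SESSIONS[cookie]
    return [403, 'not logged in'] unless session
    unless valid_token?(session[:csrf_token], params['authenticity_token'])
      return [403, 'invalid authenticity token']
    end
    [200, "transferred #{params['amount']} for #{session[:user]}"]
  end

  # Constant-time comparison so the check itself does not leak the token.
  def self.valid_token?(expected, given)
    return false unless given.is_a?(String) && given.bytesize == expected.bytesize
    expected.bytes.zip(given.bytes).inject(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
  end
end
```

A forged request reaches the server with a valid cookie and is still refused, which is exactly the gap the cookie-only design leaves open.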
A sample CSRF attack takes place as follows. This process is illustrated in Figure 5-1.