View Detailed Profile
ExpressJS security - CSRF signed double submit cookie

ExpressJS security - CSRF signed double submit cookie

SUBSCRIBE! ▻ http://www.youtube.com/subscription_center?add_user=editplus ...

Your App Is NOT Secure If You Don’t Use CSRF Tokens

Your App Is NOT Secure If You Don’t Use CSRF Tokens

Cross Site Request Forgery

Bypassing CSRF Protections: A Double Defeat of the Double-Submit Cookie - David Johansson

Bypassing CSRF Protections: A Double Defeat of the Double-Submit Cookie - David Johansson

Slide-deck: https://www.owasp.org/images/3/32/David_Johansson-Double_Defeat_of_Double-Submit_Cookie.pdf

CSRF attack on expressjs with csurf in double submit cookie mode and cookie signing

CSRF attack on expressjs with csurf in double submit cookie mode and cookie signing

See https://github.com/veryriskyrisk/csurf-attack-poc for the source code and instructions on how to reproduce on localhost.

NodeJS : CSRF token issues with Express

NodeJS : CSRF token issues with Express

NodeJS :

Fix These Security Holes in Your Node.js API || Beginners Ignore These

Fix These Security Holes in Your Node.js API || Beginners Ignore These

Code - https://github.com/Code-180/API-Node-

NodeJS : Express.js csrf token with jQuery Ajax

NodeJS : Express.js csrf token with jQuery Ajax

NodeJS :

Express Session Basics Done Right - Secure Login, Logout & Common Mistakes

Express Session Basics Done Right - Secure Login, Logout & Common Mistakes

Master

NodeJS : CSRF Middleware causing trouble Node.JS + Express

NodeJS : CSRF Middleware causing trouble Node.JS + Express

NodeJS :

35 - Protecting against CSRF attacks in Node

35 - Protecting against CSRF attacks in Node

Last time we saw the anatomy of a

Node.js | Section 33 | Handle HTTP Content Types & Secure API in Node.js #nodejs #security #helmet

Node.js | Section 33 | Handle HTTP Content Types & Secure API in Node.js #nodejs #security #helmet

nodejs #

Security: Secure alternative to csurf npm package

Security: Secure alternative to csurf npm package

Secure

CSRF: Signed Double Submit Cookie & 'Referer' validation vs MITM and vulnerable subdomains

CSRF: Signed Double Submit Cookie & 'Referer' validation vs MITM and vulnerable subdomains

CSRF