Cross-Site Request Forgery (CSRF) badge Cross-Site Request Forgery (CSRF)

Description

Cross-site request forgery, or CSRF, takes advantage of a user’s authenticated browser state to make requests on their behalf from a malicious website. For request handlers that do not require an additional piece of authenticating information (e.g. a CSRF token) this could lead to the unauthorized modification of a user’s data or settings.

On GitHub.com, we utilize Rails’ Authenticity Token to protect against CSRF attacks. All state changing requests require validation of this parameter, which is sent via an HTTP header or POST parameter.

More about CSRF vulnerabilities from OWASP’s Top 10:

CSRF takes advantage the fact that most web apps allow attackers to predict all the details of a particular action. Because browsers send credentials like session cookies automatically, attackers can create malicious web pages which generate forged requests that are indistinguishable from legitimate ones.

Recently collected Cross-Site Request Forgery (CSRF) bounties:

1 benhc123 800 pts Ben Holden-Crowther CSRF in Gist abuse reporting
2 LukasReschke 1000 pts Lukas Reschke CSRF on import function
3 ealf 1000 pts @ealf Incorrect URL origin parsing in Safari
4 asanso 500 pts Antonio Sanso Authorized OAuth application scope removal CSRF
5 momenbasel 100 pts Mo'men Basel CSRF in GitHub Jobs