CSRF It's called cross site request forgery

The user mistakenly clicked the illegal website when visiting the website , Attackers steal users Cookie Information forgery requests access to other websites , Achieve your goal .

Cookie Principle of :

        Cookie Stored on the client , Some user information can be stored to ensure statefulness . In cooperation session When , Server generation session, And the corresponding sessionID Return to client store Cookie,
Pass on next request Cookie Carry .

Through this feature , Attackers can steal Cookie Information in

however token Generally stored in local storage, Then the front-end obtains the information through some methods token Send ;local
Storage Compared with the data in Cookie Higher security ; also token The string is encrypted , When it is tampered with, it is decrypted at the server, and the error of sending data can be fed back

Cookie and LocalStorage Differences between ?

Coolie:

1. Only text can be stored 2. A single piece of storage has a size limit 4KB about

3. Quantity limit , General browser , The limit is about 50 Left and right

4. Cross domain issues need to be addressed

5. Limitation of time

localStorage

1. Main solutions Cookie Insufficient storage space , The size is generally 5M; Generally, only advanced browsers are supported

2. In privacy mode localStorage Not available , Cannot be acquired by crawler

3. Compared to sessionStorage,LocalStorage Is permanent storage

4. call localStorage Each time the interface is called, it is placed in HTTP Request header Authorization Field

Technology
©2019-2020 Toolsou All rights reserved,
【C++ Must see for entry 】C++ from 0 reach 1 Introductory programming axios Interceptor packaging and use Spring Boot Interview must ask : Automatic configuration principle VMware 16 install centos 7 Detailed tutorial C Language data structure - Sequence table delete duplicates V2.0.0 The 12th Blue Bridge Cup c++b Group personal problem solving On sending data from serial port single chip microcomputer to upper computer centos7 install RabbitMqjava Polymorphic array of opencv-python Fourier transform and inverse transform