Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

ASP.NET Core SPA Cookie Authentication vs XSRF - Securing Against Cross-Site Attacks

Raw Coding via YouTube

Start learning Write review
DataCamp Ad

PowerBI Data Analyst - Create visualizations and dashboards from scratch

Learn More → Coursera Ad

Learn AI, Data Science & Business — Earn Certificates That Get You Hired

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn how to secure your Single Page Application (SPA) against Cross-Site Request Forgery (XSRF/CSRF) attacks using ASP.NET Core cookie authentication. Explore various attack scenarios, including cross-site login attempts with fetch and form posts, and implement effective defense strategies such as Origin and Referer checks. Discover the differences between Strict and Lax cookies, and understand the potential risks of man-in-the-middle attacks. Gain practical knowledge on implementing robust security measures for your ASP.NET Core SPA using C# minimal APIs, applicable to .NET 7, .NET 6, and .NET 5.

Syllabus

Introduction
Attack 1: cross site login with fetch
Attack 2: cross site login with form post
Defence: Origin & Referer
Attack 3: cross site request execution
Strict vs Lax Cookies
Man in the middle attack

Taught by

Raw Coding

Reviews

Start your review of ASP.NET Core SPA Cookie Authentication vs XSRF - Securing Against Cross-Site Attacks

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.