Preventing CSRF attacks in ASP.NET Web API calls.

In spite of securing the assets of a web application using folder permissions and SSL for secure transmitting of data over the wire, ASP.NET MVC applications using Web API’s are very much vulnerable to CSRF (Cross Site Request Forgery) attacks that permits malicious code to inject data by invoking the Web API actions resulting in serious consequences.

Continue reading

2,555 total views, no views today