YoVDO

ASP.NET Core SPA Cookie Authentication vs XSRF - Securing Against Cross-Site Attacks

Offered By: Raw Coding via YouTube

Tags

ASP.NET Core Courses C# Courses Web Security Courses Single-Page Applications Courses

Course Description

Overview

Learn how to secure your Single Page Application (SPA) against Cross-Site Request Forgery (XSRF/CSRF) attacks using ASP.NET Core cookie authentication. Explore various attack scenarios, including cross-site login attempts with fetch and form posts, and implement effective defense strategies such as Origin and Referer checks. Discover the differences between Strict and Lax cookies, and understand the potential risks of man-in-the-middle attacks. Gain practical knowledge on implementing robust security measures for your ASP.NET Core SPA using C# minimal APIs, applicable to .NET 7, .NET 6, and .NET 5.

Syllabus

Introduction
Attack 1: cross site login with fetch
Attack 2: cross site login with form post
Defence: Origin & Referer
Attack 3: cross site request execution
Strict vs Lax Cookies
Man in the middle attack


Taught by

Raw Coding

Related Courses

Beginning Game Programming with C#
University of Colorado System via Coursera Programming with C#
Microsoft via edX DEV206.1x: Introduction to XAML and Application Development
Microsoft via edX Introduction to Game Development
Michigan State University via Coursera Designing Advanced Applications using XAML
Microsoft via edX