CSRF Attack - jibingl/CCNA-CCNP GitHub Wiki

Cross-Site Request Forgery

Web app server-side mitigation

  • Using RESTful design for web apps
  • Generating random, unique tokens for every session request
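
The token mitigation above, sketched as an added example (not code from this wiki): each form gets a fresh random token that is bound to the session with an HMAC and accepted only once. The names SERVER_KEY, issue_token and verify_token and the in-memory store are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: the key is generated at startup here; a real app loads it from protected config.
SERVER_KEY = secrets.token_bytes(32)

# Assumption: unspent tokens are kept in memory; a real app keeps them in its session store.
_pending = {}


def _mac(session_id: str, nonce: str) -> str:
    """HMAC that ties a nonce to one session, so a token cannot be moved between sessions."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Return a random, unique token to embed in one form served to this session."""
    nonce = secrets.token_urlsafe(32)  # unpredictable, so another site cannot guess it
    token = f"{nonce}.{_mac(session_id, nonce)}"
    _pending.setdefault(session_id, set()).add(token)
    return token


def verify_token(session_id: str, token: str) -> bool:
    """Accept a state-changing request only if its token is genuine, bound to the session, and unused."""
    if not token or "." not in token:
        return False
    nonce, _, mac = token.rpartition(".")
    expected = _mac(session_id, nonce)
    # Constant-time comparison; bytes are used so non-ASCII input cannot raise TypeError.
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return False
    unspent = _pending.get(session_id, set())
    if token not in unspent:
        return False  # already spent or never issued
    unspent.discard(token)  # one request per token
    return True


if __name__ == "__main__":
    t = issue_token("sess-A")  # constructed session id
    print(verify_token("sess-A", t), verify_token("sess-A", t))
```

The server calls verify_token on every state-changing request (POST, PUT, DELETE) and rejects the request when it returns False.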

End-user side mitigation

  • Don't stay logged in to a web app while idle
  • Don't store usernames and passwords in the web browser
  • Be cautious about browsing while logged in to a sensitive app, such as online banking
  • Secure your username and password