Cross Site Request Forgery vs Server Side Request Forgery Explained
ฝัง
- เผยแพร่เมื่อ 12 ก.ค. 2024
- In this video I explain the difference between Cross-Site Request Forgery (CSRF) and Server Side Request Forgery (SSRF)
Summary: Frontend Engineers pay attention to CSRF, Backend Engineers pay attention to SSRF.
Chapters
0:00 Intro
0:20 CSRF
4:19 SSRF
10:15 Summary
🏭 Backend Engineering Videos
• Backend Engineering (B...
💾 Database Engineering Videos
• Database Engineering
🛰 Network Engineering Videos
• Network Engineering
🏰 Load Balancing and Proxies Videos
• Proxies
🐘 Postgres Videos
• PostgresSQL
🚢Docker
• Docker
🧮 Programming Pattern Videos
• Programming Patterns
🛡 Web Security Videos
• Web Security
🦠 HTTP Videos
• HTTP
🐍 Python Videos
• Python by Example
🔆 Javascript Videos
• Javascript by Example
👾Discord Server / discord
Become a Member
/ @hnasr
Support me on PayPal
bit.ly/33ENps4
Become a Patreon
/ hnasr
Stay Awesome,
Hussein - วิทยาศาสตร์และเทคโนโลยี
![แขกคนแรกร้านแจ๊ส [ซี - เอมมี่] | iJazzKhunJang](http://i.ytimg.com/vi/XP6C9kulFfc/mqdefault.jpg)
I was just dealing with this today! Perfect timing!
I love your teaching style. thank you hussein.
Prepping for an interview. Helpful. Thank you!
Such a good explanation. This just got the channel a sub.
Great Explaining, Thank you for this incredible video!
Thank you for this video content. I've learned a lot 😊
Great Content . To the point. Thanks
Nicely explained!
Good explanation. Thanks
Super video! I applauded for CA$2.00 👏
Thanks!! 🙏
You clearly missed the all point of CSRF. , CSRF means the attacker tricked the victim (the one with the cookie/session) to do something eval, like changing the password, usually by sending a link or inside hidden without the victim even noticed. It's NOT an eval "different site" who *sent a request on your behalf* . The request eventually comes from the victim, that's the point of CSRF. unlike session/cookie hijacking.
Hello Hussein, I'm really glad i found your channel. While i was watching some of your vids, a question popped up in my head. Can you make a vid that specifies how many users can a webserver handel and what happens when we are using websockets for example...will the load on server drop?
Slav Biachev thanks Slav! Good question!! There is no known limit to how much a server can handle. What you start to notice is slower and slower response time, connection drops .. this is based on how much memory and cpu your server has and based on the workload of each request. It is a good idea for a video 👍 kind of fall on the p99 p95
❤️
In ssrf What if i change some header and was able to visit/get data from api server... Will it still be considered as ssrf ?
SSRF can only happen when the server relies on a piece of header/payload in the request that contain information about URL or sub path that the server need to visit on the backend.
Hussein brother your contents are really really helpful and I think priceless considering availability of the contents like you are creating in youtube. But as a well wisher and being a much junior than I want to tell you that please say things in more straightcut or specific way please dont make contents bigger just explaining unnecessary sentences or ways.. these sentences create your contents bigger and make sometimes really hateful/intolerable or you can make a short script. Please dont sound some cartoonish way. Please take my words like from a well wisher. please dont take me wrong. Dont speak aa uu or with cartoonish sound just speak straight please please please
Hi
get a stylus bro