A blog about backend engineering, auth systems, and terminal things
CSRF is all about abused trust. You trust your browser. Your browser trusts your cookies. but attackers know how to trick your browser into misbehaving on your behalf.
The initial post