Electrode Stateless CSRF download

An electrode plugin that enables stateless CSRF protection using JWT in Electrode, Express, Hapi, or Koa 2 applications. CSRF protection is an important security feature, but in systems which don't have backend session persistence, validation is tricky. Stateless CSRF support addresses this need. CSRF attacks can be bad when a malicious script can make a request that can perform harmful operations through the user (victim)'s browser, attaching user-specific and sensitive data in the cookies. For use with XMLHttpRequest and fetch, we extend the technique by using two JWT tokens for validation. One token in the cookies and the other in the HTTP headers. Since XSS cannot set HTTP headers also, it strengthens the security further.

Features

Double JWT CSRF tokens
Browser Integration
Serverside Integration
Full demo
Documentation available
Examples available

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow Electrode Stateless CSRF

Electrode Stateless CSRF Web Site

Other Useful Business Software

Streamline Azure Security with Palo Alto Networks VM-Series

Centrally manage physical and virtualized firewalls with Panorama

Improve your security posture and reduce incident response time. Use the VM-Series to natively analyze Azure traffic and dynamically drive policy updates based on workload changes.

Learn more

Rate This Project

User Reviews

Be the first to post a review of Electrode Stateless CSRF!

Additional Project Details

Programming Language

JavaScript

Related Categories

JavaScript Frameworks

Registered

2024-01-11

Similar Business Software

ASP.NET

Blazor is a feature of ASP.NET for building interactive web UIs using C# instead of JavaScript. Blazor gives you real .NET running in the browser on WebAssembly. .NET is a developer platform made up of tools, programming languages, and libraries for building many different types of applications....

See Software
hapi

Build powerful, scalable applications, with minimal overhead and full out-of-the-box functionality, your code, your way. Developed initially to handle Walmart’s Black Friday sales, hapi continues to be the proven choice for enterprise-grade backend needs. When you install hapi, every single line...

See Software
Koa

Koa is a new web framework designed by the team behind Express, which aims to be a smaller, more expressive, and more robust foundation for web applications and APIs. By leveraging async functions, Koa allows you to ditch callbacks and greatly increase error handling. Koa does not bundle any...

See Software
Webix

JavaScript UI library and framework for speeding up web development. JS Framework for cross-platform web Apps development 102 UI widgets and feature-rich CSS / HTML5 JavaScript controls. Save at least 3000+ development hours by using ready-made widgets and UI controls. Develop Web UI 30% faster....

See Software
Swoole

Powering the next-generation microservices and applications. Build high-performance, scalable, concurrent TCP, UDP, Unix Socket, HTTP, GRPC services with PHP and easy-to-use coroutine, fibers API. Write your next scalable async application with PHP coroutines and fibers. Compared with other...

See Software
Tauri

Tauri is a framework that enables developers to build small, fast, secure, cross-platform applications by combining existing web front-ends with Rust-powered back-ends. It supports any JavaScript framework, so you don’t need to change your stack and leverages each operating system’s native web...

See Software

Report inappropriate content

Electrode Stateless CSRF

Stateless Cross-Site Request Forgery (CSRF) protection with JWT

Get an email when there's a new version of Electrode Stateless CSRF

Features

Project Samples

Project Activity

Categories

License

Follow Electrode Stateless CSRF

User Reviews

Additional Project Details

Programming Language

Related Categories

Registered