Question 6 of 10Pro Only

What is CSRF, and how do you protect against cross-site request forgery attacks?

Sample answer preview

Cross-Site Request Forgery, or CSRF, tricks authenticated users into performing unintended actions. When a user is logged into a site, their browser automatically includes session cookies with every request to that site.

CSRF tokenSameSite cookiedouble submitsame-origin policysession riding

Unlock the full answer

Get the complete model answer, key points, common pitfalls, and access to 9+ more Backend Developer interview questions.

Upgrade to Pro

Starting at $19/month • Cancel anytime

Back to Track