Cross-site request forgery defense
First Claim
1. A computer-implemented method for defending against a cross-site request forgery (CSRF) attack, the method comprising:
- serving a content item to a client computing device, wherein the content item includes an embedded executable script;
receiving a first asynchronous request for a first CSRF token from the client computing device, wherein the first asynchronous request is generated as a result of running the embedded executable script at the client computing device;
generating the first CSRF token in response to the first asynchronous request, wherein the first CSRF token is generated using a hash message authentication code (HMAC) key;
sending the first CSRF token to the client computing device;
receiving a second asynchronous request for a second CSRF token from the embedded executable script of the client computing device, wherein the second asynchronous request is received after sending the first CSRF token to the client computing device;
generating the second CSRF token in response to the second asynchronous request, wherein the second CSRF token is also generated using the HMAC key;
sending the second CSRF token to the client computing device;
receiving, from the client computing device, a request to access a resource provided by a server computing device, wherein the request includes a received CSRF token; and
determining whether the received CSRF token can be authenticated using the HMAC key.
2 Assignments
0 Petitions
Accused Products
Abstract
An HTML document includes a JavaScript element that manages CSRF token use. When the HTML document is rendered, the JavaScript element asynchronously requests a CSRF token from the server. In response, the server generates a JWT using a keyed HMAC algorithm. The resulting JWT, which functions as a CSRF token, is returned to the user where it is stored in a protected variable inside the JavaScript element. The CSRF token is therefore stateless and isn'"'"'t stored in a server-side repository. When the user later requests access to a server resource, the CSRF token is included in such request. This may be accomplished by adding a hidden input field that includes the CSRF token to the submission that'"'"'s transmitted to the server. If the server cannot validate the received token using the HMAC key that was originally used to generate the token, the request is considered unauthorized and is not processed.
29 Citations
19 Claims
-
1. A computer-implemented method for defending against a cross-site request forgery (CSRF) attack, the method comprising:
-
serving a content item to a client computing device, wherein the content item includes an embedded executable script; receiving a first asynchronous request for a first CSRF token from the client computing device, wherein the first asynchronous request is generated as a result of running the embedded executable script at the client computing device; generating the first CSRF token in response to the first asynchronous request, wherein the first CSRF token is generated using a hash message authentication code (HMAC) key; sending the first CSRF token to the client computing device; receiving a second asynchronous request for a second CSRF token from the embedded executable script of the client computing device, wherein the second asynchronous request is received after sending the first CSRF token to the client computing device; generating the second CSRF token in response to the second asynchronous request, wherein the second CSRF token is also generated using the HMAC key; sending the second CSRF token to the client computing device; receiving, from the client computing device, a request to access a resource provided by a server computing device, wherein the request includes a received CSRF token; and determining whether the received CSRF token can be authenticated using the HMAC key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A cross-site request forgery (CSRF) defense system that comprises a server cluster having a plurality of server computing devices, each of the server computing devices including
a processor, wherein the plurality of processors are configured to collectively execute instructions that cause the server cluster to invoke a CSRF defense process; - and
a memory storing a hash message authentication code (HMAC) key, wherein the HMAC key stored in each of the memories is functionally equivalent; wherein the CSRF defense process comprises; serving a content item to a client computing device, wherein the content item includes an executable script; receiving a first request for a first CSRF token from the client computing device, wherein the first request is generated in response to running the executable script at the client computing device; generating the first CSRF token in response to the first request, wherein the first CSRF token is generated using a particular one of the HMAC keys; sending the first CSRF token to the client computing device; receiving a second request for an updated CSRF token from the embedded executable script of the client computing device, wherein the second request is received after sending the first CSRF token to the client computing device; generating the updated CSRF token in response to the second request, wherein the updated CSRF token is also generated using the particular HMAC key; sending the second CSRF token to the client computing device; receiving, from the client computing device, a subsequent request to access a resource provided by one of the server computing devices, wherein the subsequent request includes a received CSRF token; and determining whether the received CSRF token can be authenticated using one of the HMAC keys. - View Dependent Claims (9, 10, 11, 12, 13)
- and
-
14. A computer program product comprising a non-transitory computer readable medium storing instructions that, when executed by one or more processors, causes a cross-site request forgery (CSRF) defense process to be carried out, the process comprising:
-
requesting a content item from a server cluster; receiving the requested content item from the server cluster, wherein the received content item includes a JavaScript element, and wherein the content item is received by a client computing device; rendering the received content item in a content browser running on the client computing device; in response to executing the JavaScript element at the first client computing device, requesting a first CSRF token from the server cluster; receiving the first CSRF token from the server cluster, wherein the first CSRF token is received by the client computing device; after receiving the first CSRF token from the server cluster, making a determination that network connectivity between the client computing device and the server cluster is unavailable; detecting that the network connectivity between the client computing device and the server cluster has been reestablished; in response to detecting that network connectivity has been reestablished, and as a result of executing the JavaScript element, requesting a second CSRF token from the server cluster; receiving the second CSRF token from the server cluster, wherein the second CSRF token is received by the client computing device; and submitting, to the server cluster, a request for access to a resource provided by the server cluster, wherein the request includes the second CSRF token that was received from the server cluster. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification