Question
Which of the following correctly describes the primary difference between Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS)?
Solution
Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) are both web security vulnerabilities, but they operate in distinct ways:
- CSRF tricks authenticated users into performing unintended actions on behalf of an attacker by exploiting trust in the user's session. For example, if a logged-in user clicks on a malicious link, the attacker could execute unwanted actions (e.g., fund transfers). CSRF exploits flaws in how web applications handle session tokens or cookies.
- XSS, on the other hand, involves injecting malicious scripts into a web application to execute in the victim’s browser. It primarily targets input validation and output encoding flaws to display or execute harmful code in the user's context.
- Option A: Both CSRF and XSS target the user’s browser, but XSS also indirectly impacts the application.
- Option C: CSRF does not rely on executing JavaScript; it typically involves sending crafted HTTP requests.
- Option D: CSRF does not inherently depend on phishing; it can occur through any malicious link, such as in a forum or ad.
- Option E: CSRF and XSS are protocol-agnostic and can occur over both HTTP and HTTPS.
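The two defences side by side, as an added example that is not part of the original solution: a per-session token check for the CSRF case and output encoding for the XSS case. The session store, request objects, token value and function names are all constructed for illustration.

```javascript
// Added example: constructed session store and requests; all names are hypothetical.
// In a real application the token is generated per session from a CSPRNG.
const sessions = { "sid-123": { user: "alice", csrfToken: "constructed-token-9f2c" } };

// Compare two strings without exiting early on the first differing character.
function safeEqual(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// CSRF defence: the cookie alone proves nothing about who built the request,
// because the browser attaches it to cross-site requests as well.
function handleTransfer(req) {
  const session = sessions[req.cookies.sid];
  if (!session) return { status: 401, body: "not logged in" };
  if (!safeEqual(req.body.csrfToken, session.csrfToken)) {
    return { status: 403, body: "missing or wrong CSRF token" };
  }
  return { status: 200, body: `transfer by ${session.user} accepted` };
}

// XSS defence: encode user-supplied text for the HTML context it is written into.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderComment(text) {
  return `<p class="comment">${escapeHtml(text)}</p>`;
}

// Constructed requests: both carry the same valid session cookie.
const forged = { cookies: { sid: "sid-123" }, body: { amount: "100" } };
const legitimate = {
  cookies: { sid: "sid-123" },
  body: { amount: "100", csrfToken: "constructed-token-9f2c" },
};

console.log(handleTransfer(forged).status);      // rejected despite the valid cookie
console.log(handleTransfer(legitimate).status);  // accepted
console.log(renderComment("<script>alert(1)</script>")); // rendered as inert text
```

The forged request contains no script at all, which is the point of Option C; the comment string only becomes a problem if it is written to the page unencoded.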