When a website makes requests to another site, all kinds of malicious effects can occur. For instance, the information included in the request can be used to track the sites you visit. The request can also trigger certain undesired actions, an attack which is called Cross-Site Request Forgery (CSRF).
CSRF is considered very dangerous, as indicated by its ranking in the OWASP top 10
and the CWE/SANS top 25
. The problem with a CSRF attack is that it makes requests on behalf of the user, without his/her knowledge. For instance, if a site (e.g. example.com
) makes hidden requests to another site (e.g. myonlinebank.com
), it can potentially cause harmful effects (transfer funds, create accounts, ...).CsFire
protects you against malicious cross-domain requests, by rendering them harmless. This means that CsFire will remove authentication information (cookies and authentication headers), which ensures that a cross-domain request can not have harmful or undesired side-effects.
CsFire provides a secure-by-default policy, which can be extended with fine-grained remote policies as well as fine-grained local policies. The remote policies are obtained from a policy server, to selectively allow certain harmless cross-domain requests (e.g. sharing items on facebook). The local policies allow you to specify certain cross-domain requests that should be treated differently, should you wish to do so (this is not required in normal surfing scenarios).
CsFire is the result of academic research, available in the following publications: CsFire: Transparent client-side mitigation of malicious cross-domain requests
(published at the International Symposium on Engineering Secure Software and Systems 2010
) and Automatic and precise client-side protection against CSRF attacks
(published at the European Symposium on Research in Computer Security 2011