Security

Security Creating safe applications is a challenge for every development team, so we describe important security aspects that should be read before creating your own solutions based on the YetiForce engine.

Protection against CSRF attacks

Wikipedia: "Cross-site request forgery (also known as CSRF or XSRF) is a method of a malicious website attack, often confused (partly because of the simultaneous use of both methods)  for cross-site scripting (XSS), or considered its subset. The users who fall prey to CSRF unknowingly transmit forged requests  to the server. In contrast to XSS attacks, CSRF attacks are not directed at  the  websites and do not necessarily change their content. In this case the hacker's aim is to use the permissions to execute an operation, which would otherwise require the victim's authorization."