DOUBLE SUBMIT COOKIE PATTERN




This is also a common method to mitigate Cross-Site Request Forgery (CSRF) attacks. Let's see how it works. In the Synchronizer Token pattern the CSRF token is stored in the session, and for a large number of users that server-side storage can become a problem, so the Double Submit Cookie pattern can be considered an alternative solution. In this case the CSRF token is not stored on the server side. It is sent to the client in a cookie. When the client makes a request to the server, the client reads the token from the cookie and sends it along to the server for validation. Let's make this clear using the diagram below.








Let's go through these steps one by one using this sample application. (In the screens below the application runs on localhost with SSL enabled and a virtual host for port 443; you can use any configuration you prefer, but enabling SSL is recommended.)

Step 1

The user makes a GET request to test.com, and the server returns the login page for the user to enter credentials.




Then the user enters his credentials (user: pass) and presses Login. (A POST request with the credentials is sent to the server.)


Step 2 and 3





Now the user is validated by the application and redirected to the account page. The application generates a CSRF token and a session id for the user and sends them back to the user's browser as cookies, where they are stored.













Using Chrome developer tools we can see the request header details (shown in the picture above).



For that request the server responds as shown in the following picture.




We can see the Set-Cookie header carrying the token. It creates and stores a cookie with the token value in the user's browser.


We can see the stored cookies in the browser.




(The later section of this post contains images of all the source code.)



Step 4





Now assume the user wants to remove his account, so he presses the Deactivate button on the web page. The browser will then send a POST request to the server. Before that, the web page extracts the token from the cookie stored in the browser using JavaScript (any client-side language can be used for this), and the POST is sent to the server with that extracted token in the body.




The image above shows the request header with the token and cookies.

Step 5



Now the web application validates the request by comparing the token in the cookie with the token in the request body, and also checks the session to validate the user, before executing the user's requested action (removing the account). If the tokens match, the server knows this is a valid request from the legitimate user.




The PHP code block used in this application to validate the token:




All the steps of the procedure have been explained now. Let's see what the source code looks like.


In login.php




account.php






JavaScript used to extract the token value:





Get the complete project from here




