<<< Previous question <<< Question ID#0165.md >>> Next question >>>
Which of the following are the limitations for the cross site request forgery (CSRF) attack? Each correct answer represents a complete solution. (Choose two)
- A) The attacker must determine the right values for all the form inputs.
- B) The attacker must target a site that doesn't check the referrer header.
- C) The target site should authenticate in GET and POST parameters, not only cookies.
- D) The target site should have limited lifetime authentication cookies.
Answer
Answer: A, B