Angular CSRF

Featured

Most of the malware attacks that happen are due to the vulnerabilities of cookies which are saved from every website. Whenever a user logs in to a vulnerable server, a cookie in the browser is generated and set which saves the user data of his unique session. The browser would save his cookies for some time as further requests might require the need of authentication from the user. These cookies that are stored on each web application can be exploited and the server and the browser can be tricked to make requests to the vulnerable server using the user cookies, enabling a cross site scripting attack. If an attacker gains access of the user cookies, he can modify the requests of the user and even conduct man in the middle attacks.

Cross site request forgery enables the attacker to conduct malicious activities without the user knowing about it. The main concept of working behind a CSRF attack is to modify the auto generated URL that a server would generate which users do not notice and are not entered manually, and would trick the user into going into a different web application.

ENHANCING THE SECURITY OF WEBSITES USING CSRF COOKIES

  • Validate URLs

There are multiple ways to enable CSRF protection in an angular application, the first step would be to validate from the server side the link that has been generated and sent to the client at the interceptor or else it can be flagged.

  • Set Cookies

Whenever a connection is established the server needs to send a CSRF cookie that contains an authentication token with a CSRF cookie. Whenever a request is made from the client, the http header is validated for the CSRF token before progressing with the communication. If the cookie is compared and it does not validate with the client cookie it should reject the request and log the user for further potential vulnerability analysis.

  • HttpOnly flag

In order to enhance the overall security of an angular web application, the JavaScript files that have the access to security cookies can be prevented for misuse by applying the httpOnly flag ensuring that the client requesting the resources always have an Http connection. This can be used to limit the overall number of attacks greatly.

  • Secure flag

Another flag can be set for an angular web application for preventing any possible man in the middle attack, CSRF tokens can be explicitly declared as Secure this would allow the sending and receiving of cookies over the internet in an encrypted form. By default, these cookies are not encrypted and if an attacker gains access of an unsecure connection he could access the session and client details.

  • maxAge

The http cookies need to get updated once every while, this flag would allow automatic update of cookies by defining a maxAge for every cookie after which the CSRF token gets expired. Ensuring that the cookie gets renewed minimizes the possibility of attacker gaining access of new cookies.

References:

https://dev-academy.com/angular-csrf-protection-implementation/