No-CSRF No-CSRF

Developer Tools
Version: 0.42
Last Update: 2016-07-04

Overview

No-CSRF is a Chrome extension developed by brandonio21. According to the data from Chrome web store, current version of No-CSRF is 0.42, updated on 2016-07-04.
300 users have installed this extension. 1 users have rated this extension with an average rating of .

Prevent cookies from being client-side sent cross-origin.

Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.

This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!

The extension is easily disabled and contains a small report of all requests which had cookies stripped.

This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf

This extension is based on a similar extension by avlidienbrunn

Rating

1 ratings
5
4
3
2
1

Total Installs

300

Information

Last Update

2016-07-04

Current Version

0.42

Size

9.58KiB

Author

brandonio21

Website

None

Category

Developer Tools

No-CSRF Alternatives

Name Category Rating Rating Count Installs
extension logo M i M Developer Tools
(9) 207
extension logo No Opener, No Phishers Developer Tools
(10) 760
extension logo CounterXSS Accessibility
(1) 442
extension logo Cacao CORS Proxy Developer Tools
(0) 158
extension logo Ignore Google Scripts Productivity
(2) 559
extension logo Policy Control Productivity
(3) 425
extension logo Scripter debugger extension Developer Tools
(2) 303
extension logo Xframe Assassin Search Tools
(2) 733
extension logo NoDetour Productivity
(6) 510
extension logo Security Tweaks Productivity
(3) 784
extension logo WebAPI Blocker Productivity
(7) 1,000+
extension logo Block Cross Domain protection Developer Tools
(0) 33
extension logo OWASP Penetration Testing Kit Developer Tools
(14) 10,000+
extension logo Disable Content-Security-Policy Developer Tools
(70) 50,000+
extension logo Block Unreachable Scripts Productivity
(5) 1,000+
extension logo Origin Requests Only (Firewall) Productivity
(10) 554
extension logo Site Bleacher Productivity
(4) 760
extension logo Cross Domain - CORS Developer Tools
(53) 40,000+
extension logo Policy Control - JavaScript and Flash blocker Productivity
(6) 781
extension logo Clickjacking Test Developer Tools
(9) 4,000+
extension logo Privacy Settings Productivity
(6) 2,000+
extension logo Local Cache Productivity
(10) 634
extension logo Vulners Web Scanner Productivity
(18) 7,000+
extension logo Page Structure Cache Productivity
(7) 543

Latest Reviews

See More