On 16:03 +0100 / 18 Apr, Luke Plant wrote:
> On 15/04/12 05:23, Rohan Jain wrote:
> > On 22:50 +0100 / 13 Apr, Luke Plant wrote:
> >> The reason for the strict referer checking under HTTPS is set out here:
> >>
> >> https://code.djangoproject.com/wiki/CsrfProtection
> >>
> >> Particularly, it is to fix the 'CSRF + MITM' attack that is possible
> >> under HTTPS. The key elements are set out in the following scenario
> >> (although it is not the only variation):
> >>
> >> - a client connects to a site via HTTP: http://example.com/
> >> - in the response, an active MITM attacker sets a cookie over
> >>   HTTP for example.com
> >> - this cookie will be used by the client when it connects over HTTPS
> >>   to the same domain (this is the fundamental problem, but we can't
> >>   fix it - it's what browsers do).
> >> - the MITM also inserts a POST form in the HTTP response.
> >>   The form has a CSRF token that matches the cookie that was
> >>   set by the attacker.
> >>   The form targets https://example.com/ and is automatically
> >>   submitted by javascript.
> >>
> >> Without strict referer checking, the POST request will succeed, even
> >> though it is forged.
> >>
> >> Signing the cookie or token value does no good at all, because the
> >> attacker can retrieve a valid cookie/token pair directly from
> >> https://example.com/.
> >
> > I am a bit confused about this. How can an attacker extract the token
> > out of the signed cookie without the private key? There is a
> > possibility that the attacker deletes and sets the cookie right out,
> > but since that case won't be correctly signed the server can handle it
> > securely.
>
> They don't need to extract the token, they just need to replay an
> existing good token/cookie pair, which they can get directly from the
> server any time they want.
>
> (Also, signing does nothing to hide the token. Are you actually talking
> about encryption here? But even if you encrypt it, it doesn't help - the
> only thing that matters is that the CSRF form token 'matches' the CSRF
> cookie, whatever your definition of 'match', and that can be achieved by
> getting the pair from the server.)

Sorry, my bad. I didn't realize I was swaying towards encryption.
Encryption is something the SoC Ideas page suggests against for CSRF.
I am no crypto expert so shouldn't waste time over this I guess.

--
Rohan

--
You received this message because you are subscribed to the Google Groups "Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
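A small model of the decision the thread is about, added here as an illustration and not code from the thread or from Django's CSRF middleware: a token-equals-cookie check alone accepts the forged request from the MITM scenario, while a strict Referer check on HTTPS requests rejects it. The `accept_post`, `referer_ok` and `tokens_match` functions and the request dicts are constructed for this example.

```python
import hmac
from typing import Optional
from urllib.parse import urlsplit


def tokens_match(cookie_token: str, form_token: str) -> bool:
    """The check that is not enough on its own: form token must equal the CSRF cookie."""
    return hmac.compare_digest(cookie_token.encode(), form_token.encode())


def referer_ok(is_secure: bool, referer: Optional[str], host: str) -> bool:
    """Strict Referer check, applied only to HTTPS requests (as in the thread).
    A missing Referer is rejected, and the Referer must be https:// on the same host."""
    if not is_secure:
        return True            # plain-HTTP requests are not protected this way
    if not referer:
        return False           # strict: no Referer means no proof of origin
    parts = urlsplit(referer)
    return parts.scheme == "https" and parts.netloc == host


def accept_post(req: dict, strict_referer: bool) -> bool:
    """Decide whether a POST passes CSRF checks. `req` is a constructed stand-in
    for a request object (hypothetical layout, not Django's HttpRequest)."""
    if strict_referer and not referer_ok(req["secure"], req["headers"].get("Referer"), req["host"]):
        return False
    return tokens_match(req["cookies"].get("csrftoken", ""),
                        req["post"].get("csrfmiddlewaretoken", ""))


# Constructed requests. In the MITM scenario the attacker set the cookie over plain
# HTTP and served a self-submitting form carrying the same token; the browser then
# POSTs to https://example.com/ with that cookie, and Referer names the HTTP page.
PLANTED = "attacker-chosen-token"
FORGED = {
    "secure": True, "host": "example.com",
    "headers": {"Referer": "http://example.com/"},
    "cookies": {"csrftoken": PLANTED},
    "post": {"csrfmiddlewaretoken": PLANTED},
}
GENUINE = {
    "secure": True, "host": "example.com",
    "headers": {"Referer": "https://example.com/form/"},
    "cookies": {"csrftoken": "server-issued-token"},
    "post": {"csrfmiddlewaretoken": "server-issued-token"},
}

if __name__ == "__main__":
    print("forged, token check only:", accept_post(FORGED, strict_referer=False))   # True
    print("forged, strict referer  :", accept_post(FORGED, strict_referer=True))    # False
    print("genuine, strict referer :", accept_post(GENUINE, strict_referer=True))   # True
```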