Showing posts from October, 2018

NoSQL Databases

SSD_OAuth 2.0

This blog post gives a brief description of OAuth 2.0.

What is OAuth 2.0?
OAuth 2.0 (Open Authorization) is a framework that gives users the ability to grant access to their information stored in one place, from another place. To understand what OAuth is, we first need to understand the main roles, the grant types and the types of tokens.

Roles
Roles are used to define and separate the entities involved in a request. Mainly there are four roles.
The Client - The client is the third-party application which tries to access the user account. This can be either a website or an application.
The Resource Server - The resource server is the place which stores the user's information.
The Authorization Server - This is the server which approves or denies the request. The authorization server issues the access token to the client.
The Resource Owner - The resource owner grants access to the requested data.

Grant Types
Grant...

SSD

Cross Site Request Forgery
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help from social engineering (for example, sending a link through email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, etc. If the victim is an administrative account, CSRF can compromise the entire web application.

What is CSRF and how does it work?
A...