This paper introduce an effective defense system against cross-site request forgery attacks. Being different from the traditional defense systems, this system focuses on the user's browser. Because CSRF is generated by executing malicious code of the user's browser, and in this way the system can identify and block the CSRF attacks effectively.
展开▼