Newbie - How are cookies involved in CSRF attacks?

This page summarizes the projects mentioned and recommended in the original post on /r/node

SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • router

    Router middleware for Koa. Maintained by @forwardemail and @ladjs. (by koajs)

    • The cookie part is crucial, but the CORS really depends on the implementation on bank.com. When sending an AJAX request to another domain, browsers first send a pre-flight OPTION request, to check the CORS rules on the destination domain. Only if the CORS works out will the browser send the "real" request. If bank.com implements a proper OPTION endpoint on /transfer that doesn't start any transfers, but just returns the CORS headers, the "real" transfer won't be called. It payes off to be redundant with security, so having both of these is good. If you're using Koa, koa-router has allowed methods to easily expose an OPTIONS endpoint for all other existing endpoints.

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Show HN: Kubernates in Node.js

    2 projects | news.ycombinator.com | 4 May 2024

  • Data API for Amazon Aurora Serverless v2 with AWS SDK for Java - Part 6 Comparing cold and warm starts between Data API and JDBC

    2 projects | dev.to | 6 May 2024

  • Flying planes with a JavaScript autopilot (2023)

    2 projects | news.ycombinator.com | 5 May 2024

  • WebSockets com Socket.io: Criando Aplicações Real-Time com Node.js

    1 project | dev.to | 6 May 2024

  • Open Source AI First Alternative to Salesforce, with AI Agents

    2 projects | news.ycombinator.com | 6 May 2024