Patent · US Active

Systems and methods for cross site forgery protection

US8640216B2 · kind B2 · utility

25Cited by

6References

20Claims

0Family size

Assignee

Citrix Systems, Inc. · US

Inventors

Craig Anderson · Sunnyvale, US
Anoop Reddy · San Jose, US
Yariv Keinan · Mill Valley, US

Key dates

Filing date	Dec 23, 2009
Grant date	Jan 28, 2014
Priority date	—
Expiry date	Jul 19, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2119
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The present solution described herein is directed towards systems and methods to prevent cross-site request forgeries based on web form verification using unique identifiers. The present solution tags each form from a server that is served out in the response with a unique and unpredictable identifier. When the form is posted, the present solution enforces that the identifier being returned is the same as the one that was served out to the user. This prevents malicious unauthorized third party users from submitting a form on a user's behalf since they cannot guess the value of this unique identifier that was inserted.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.