REST and XSRF, Part One

Hi everyone. In case you missed my talk at Black Hat, “REST for the Wicked”, I wanted to give you the Cliffs Notes version here. This will be a two-part post; the first will deal with attack techniques and the second will describe appropriate design and implementation mitigations for the attacks. The SOAP vs….