I’m writing a mostly ajax-driven web application and I’m looking at how to protect

Question

0

Asked: May 27, 20262026-05-27T07:28:32+00:00 2026-05-27T07:28:32+00:00

I’m writing a mostly ajax-driven web application and I’m looking at how to protect

0

I’m writing a mostly ajax-driven web application and I’m looking at how to protect the user from CSRF attacks. I’m planning to run the pages of the application where the user is logged in to do his work in HTTPS mode.

Does running the page on HTTPS work to protect against CSRF attacks?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T07:28:33+00:00

Editorial Team

2026-05-27T07:28:33+00:00Added an answer on May 27, 2026 at 7:28 am

No, running a page on HTTPS does not protect it from CSRF. The fact that the communications between the browser and server is encrypted has no bearing on CSRF.

I suggest reading the OWASP guidance on preventing CSRF.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m writing a mostly ajax-driven web application and I’m looking at how to protect

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply