摘要 |
Disclosed is a method and apparatus for preventing cross-site request forgery. The recommendation method comprises storing a first environment fingerprint associated with a client, wherein the first environment fingerprint uniquely identifies the client based on local terminal information associated with the client; receiving an access request message from the client, the access request message including at least one operation and a second environment fingerprint generated by the client; determining whether the second environment fingerprint matches the first environmental fingerprint; rejecting the access request message if it is determined that the second environment fingerprint does not match the first environment fingerprint; and executing the operation included with the access request message if it is determined that the second environment fingerprint matches the first environment fingerprint. |