Principal claim

1. A method for preventing cross-site request forgery, the method comprising:

storing, at a server, a first environment fingerprint associated with a client, wherein the first environment fingerprint uniquely identifies the client based on local terminal information associated with the client;

receiving, at the server, an access request message from the client, the access request message including at least one operation and a second environment fingerprint generated by the client;

determining, by the server, whether the second environment fingerprint matches the first environmental fingerprint;

rejecting, by the server, the access request message if it is determined that the second environment fingerprint does not match the first environment fingerprint; and

executing, by the server, the operation included with the access request message if it is determined that the second environment fingerprint matches the first environment fingerprint.
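The store, compare, reject-or-execute flow recited in the claim, as an added example that is not taken from the patent. The claim does not say how the fingerprint is derived or stored, so the SHA-256 hash over terminal fields, the in-memory store, and every name here (`environment_fingerprint`, `FingerprintGate`, the terminal fields, the session ids) are assumptions for illustration.

```python
import hashlib
import hmac
import json

def environment_fingerprint(terminal_info: dict) -> str:
    """Client side (assumed derivation): hash canonicalised local terminal info."""
    canonical = json.dumps(terminal_info, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

class FingerprintGate:
    """Server side: keeps the first fingerprint and checks each request against it."""

    def __init__(self, operations: dict):
        self._stored = {}              # session id -> first environment fingerprint
        self._operations = operations  # operation name -> callable

    def enroll(self, session_id: str, first_fingerprint: str) -> None:
        self._stored[session_id] = first_fingerprint

    def handle(self, session_id: str, operation: str, second_fingerprint) -> tuple:
        first = self._stored.get(session_id)
        # A missing stored or supplied fingerprint is a mismatch, never a match.
        if first is None or not isinstance(second_fingerprint, str):
            return ("rejected", None)
        # Constant-time comparison of the second fingerprint with the first.
        if not hmac.compare_digest(first.encode(), second_fingerprint.encode()):
            return ("rejected", None)
        handler = self._operations.get(operation)
        if handler is None:
            return ("rejected", None)
        return ("executed", handler())

# Constructed sample terminal information (hypothetical fields and values).
TERMINAL = {"device_id": "constructed-device-01", "os": "ExampleOS 1.0", "screen": "1920x1080"}
OTHER = dict(TERMINAL, device_id="constructed-device-02")

def demo() -> list:
    gate = FingerprintGate({"change_email": lambda: "email changed"})
    gate.enroll("session-abc", environment_fingerprint(TERMINAL))
    return [
        gate.handle("session-abc", "change_email", environment_fingerprint(TERMINAL)),
        gate.handle("session-abc", "change_email", None),  # request carrying no fingerprint
        gate.handle("session-abc", "change_email", environment_fingerprint(OTHER)),
        gate.handle("session-unknown", "change_email", environment_fingerprint(TERMINAL)),
    ]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```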