Rationale

Web browsers allow GET and POST requests to be made between different web sites. Cross-site request forgery (CSRF or XSRF) occurs when a user visits a malicious web page that makes their browser send requests to your application that the user did not intend.

Scope

  • Visualforce pags
  • Visualforce components
  • Apex controllers
Did this answer your question?