3

Should xsrf be a synonym for ?

OWASP treats it as such.

1 Answer 1

Reset to default
2

I don't think so.

CSRF is the standard, most widely used name. Once upon a time, people used to sometimes use XSRF as an alternate name for the attack, but these days I don't see anyone using the name "XSRF" any longer. And, we don't currently have any questions that are tagged XSRF.

So, my suggestion would be: use as the tag for these questions. Don't introduce a synonym for XSRF; there doesn't seem to be any need for it. Don't introduce a tag for XSRF. If anyone happens to tag their question with XSRF (which hasn't happened yet to date, as far as I can tell), edit the question to replace XSRF with CSRF.

5
  • 2
    I agree with you, except I think that once someone does try to use xsrf, it then warrants a synonym.
    – Polynomial
    Commented Aug 13, 2012 at 21:36
  • Sounds good, @Polynomial!
    – D.W.
    Commented Aug 14, 2012 at 4:11
  • Agreed. Don't add unnecessary tags if there are no questions tagged that way.
    – user10211
    Commented Aug 14, 2012 at 5:23
  • We should probably see about banning this tag, then.
    – Scott Pack
    Commented Aug 14, 2012 at 23:06
  • XSRF is used in Tangled Web by Michal Zalewski. Also: xsrf, csrf
    – Andrei Botalov
    Commented Aug 16, 2012 at 11:04

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .