opencrvs / opencrvs-core

A global solution to civil registration
https://www.opencrvs.org

Implement CSRF to mitigate against JWT being stolen from IndexedDB after a potential future XSS attack #7183

Open euanmillar opened 3 months ago

euanmillar commented 3 months ago

Description

We could consider installing CSRF token plugins on our exposed microservices? This effort closes this door for good even if a hacker got hold of a valid JWT and used it from an illegitimate location.

For Apollo GraphQL: https://github.com/expressjs/csurf
For Hapi: https://github.com/hapijs/crumb

CSRF could have a whitelist of APIs to allow API requests from trusted locations

Acceptance criteria

GIVEN WHEN THEN

Design

(Link to Figma)

Dev tasks

rikukissa commented 1 month ago

@euanmillar Can you clarify what attack vector we mitigate against? From my understanding an XSS attack, i.e. injecting JavaScript into our application, is the only way to steal a JWT token from the local storage. For that we are covered by default with how React renders user-submitted content. A CSRF attack, on the other hand, would be an attacker sharing a link http://app.opencrvs.org?deleteUser=1235 that the victim would click, performing the action for the attacker. I don't think we allow these types of operations in our app.