{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-8495135","patent":{"patent_number":"US-8495135","title":"Preventing cross-site request forgery attacks on a server","assignee":null,"inventors":[],"filing_date":"2010-09-23T00:00:00.000Z","publication_date":"2013-07-23T00:00:00.000Z","cpc_codes":["G06F","G06F","G06F","G06Q","H04L","G06F"],"num_claims":12,"abstract":"Preventing Cross-Site Request Forgery (CSRF) security attacks on a server in a client-server environment comprises: embedding a nonce and a script in all responses from the server to the client, the script adapted for executing to add the nonce to each request from the client to the server; sending the response with the nonce and the script to the client; and verifying that each request from the client includes the nonce. The script preferably modifies all objects, including dynamically generated objects, in a server response that may generate future requests to the server to add the nonce to the requests. The server verifies the nonce value in a request and optionally confirms the request with the client if the value is not the same as the value previously sent by the server. Server-side aspects might be embodied in the server or a proxy between the server and the client."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Preventing cross-site request forgery attacks on a server","description":"Preventing Cross-Site Request Forgery (CSRF) security attacks on a server in a client-server environment comprises: embedding a nonce and a script in all responses from the server to the client, the s","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-8495135","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-8495135","citation_suggestion":"Patentable. \"Preventing cross-site request forgery attacks on a server\" (US-8495135). https://patentable.app/patents/US-8495135","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-8495135","json":"https://patentable.app/api/llm-context/US-8495135","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-30T20:06:48.465Z"}