I was just dealing with this today! Perfect timing!

You clearly missed the all point of CSRF. , CSRF means the attacker tricked the victim (the one with the cookie/session) to do something eval, like changing the password, usually by sending a link or inside hidden without the victim even noticed. It's NOT an eval "different site" who *sent a request on your behalf* . The request eventually comes from the victim, that's the point of CSRF. unlike session/cookie hijacking.

Super video! I applauded for CA$2.00 👏

I love your teaching style. thank you hussein.

Prepping for an interview. Helpful. Thank you!

Such a good explanation. This just got the channel a sub.

Nicely explained!

Great Explaining, Thank you for this incredible video!

Great Content . To the point. Thanks

Thank you for this video content. I've learned a lot 😊

Good explanation. Thanks

In ssrf What if i change some header and was able to visit/get data from api server... Will it still be considered as ssrf ?

Hello Hussein, I'm really glad i found your channel. While i was watching some of your vids, a question popped up in my head. Can you make a vid that specifies how many users can a webserver handel and what happens when we are using websockets for example...will the load on server drop?

Hussein brother your contents are really really helpful and I think priceless considering availability of the contents like you are creating in youtube. But as a well wisher and being a much junior than I want to tell you that please say things in more straightcut or specific way please dont make contents bigger just explaining unnecessary sentences or ways.. these sentences create your contents bigger and make sometimes really hateful/intolerable or you can make a short script. Please dont sound some cartoonish way. Please take my words like from a well wisher. please dont take me wrong. Dont speak aa uu or with cartoonish sound just speak straight please please please

❤️

Hi

get a stylus bro