Basic HTTP Authentification

Brute force

Authorization: Basic base64(username:password)

CSRF

HTTP basic authentication is particularly vulnerable to session-related exploits, notably CSRF, against which it offers no protection on its own.

CSRF
PreviousCookies MisconfigurationNextJWT Token

Last updated

Was this helpful?