The MITM attack becomes especially important when talking about proxy servers.
MITM攻击在使用代理服务器的情况中尤其重要。
2
The browser's same-origin policy does not prevent CSRF attacks because the attack requests are transmitted to the same origin in proxy for the intruding third-party site.
浏览器的同源策略无法阻止CSRF攻击,因为攻击请求被传输到第三方入侵站点的代理中相同的源。
3
This attack is only possible if the intruder site gets the mashup page to proxy the requests to the corporate mashup server for the intruder site.