The World Wide Web, or simply, the Web, has become an increasingly important medium for providing and exchanging information. The Web is a distributed network of computers, each with a unique address, that can be accessed by any other computer on the network. Many computers on the network host information sites that can be accessed by other computers. Typically, to access this information, a user will employ a computer that can access the network and that operates browser software, referred to as a client computer. One reason for the dramatic increase of computers on the Web is that it employs standard protocols to exchange information, such as the hypertext transfer protocol (HTTP). A browser downloads files containing HTTP-formatted information from the computer hosting a Web site and renders the information so that the user can view it. Also, the information from the Web site may contain hypertext links to other computers. A user can interact with these links, typically by clicking on a link with a pointing device such as a mouse, and the user's computer will be directed to another Web site, either hosted by the same computer or hosted by a different computer. In this way, the computers on the distributed network are linked in a web. This is accomplished by including in the hypertext link code that corresponds to the address of the other Web site.
Web sites can vary from requiring little or no interaction with the person who visits the Web site with their browser to requiring, or at least allowing, a great amount of interaction. For example, a Web site may contain only text. A user can enter the address of this Web site into a browser, or activate a hypertext link directed to the Web site, and the browser will download one or more files containing the text. The user can read the information and then move to a new Web site. In contrast, some Web sites may host one or more applications, such as computer-based games. The user can direct the browser to this Web site. In response to a near-constant input of commands by the user, the Web site provides near-constant updates to the information downloaded by the browser.
One common type of Web site allows a user to post information, typically by completing a form. For example, a user may provide data such as name, street address, and e-mail address to a computer hosting a Web site so that the user may be placed on a mailing list. The Web site may collect this information by sending to a browser a form with blanks for name, street address, and e-mail address. A user may use a pointing device such as a mouse to place an insertion point into the areas of the form that are to contain the information. Then, with an input device such as a keyboard, the user can input the data, i.e., their name, street address, and e-mail address. Often the browser will display a button or other object that the user actuates with a pointing device to send the data to the computer hosting the Web site.
In another example, a computer application that hosts a Web site may simplify what an organization needs to do to set up and maintain information on a server connected to the Web, sometimes referred to as a “Web site in a box.” For example, the computer application may provide certain standard types of information, perhaps in the form of lists. One such list may be “Announcements,” and the Web site may allow users to post new items to the Announcements list.
The process for posting information described above is typically employed by a large number of servers on the Web. In a general sense, the process is as follows:
1. a client computer sends a GET HTTP request to a server, requesting a particular form;
2. in response to the GET request, the server sends a file or files, formatted in HTTP, containing the requested form to the client computer;
3. the user of the client computer enters data into the form and then sends a POST HTTP request to the server, posting the entered data;
4. in response to the post, the server sends a response back to the client.
Although the four steps presented are the general process for posting, only step three is necessary. A client computer can send form data to a server without requesting a form, obviating the first two steps. Similarly, step four is often ignored. As such, data can be posted from a client to a server in one step. If data is posted to a server in a format and containing data fields that the server expects, the server will accept the data without first having sent a form. This acceptance of data occurs because of the stateless nature of a Web server. The server does not remember what it previously sent to a client. The Web site will accept the data without “knowing” whether it had sent a form.
Step three may involve some information exchange that may take place without the user's knowledge. For example, the server may request credentials from a client and, in response, the client may send the credentials to allow the post to be accepted by the server. Often, these credentials may be stored in files on the client computer and be silently sent to the server, that is, without the user knowing that the information was requested and sent.
A person, or attacker, perhaps with malicious intent, can take advantage of this one-step posting to attack a Web site by tricking a user into posting information to the Web site without the user's knowledge. For example, an attacker may induce a user to actuate a hypertext link, such as by sending an e-mail to the user that includes the link. By actuating the link, a user may, without knowing, cause a script to run that posts data to a Web site while the user's browser downloads information. To accomplish this attack, the attacker must know the Web sites, or servers, that the user has access to and know what lists are on the Web site that can receive information. With this knowledge, the attacker can get the user to post information to that Web site, perhaps an unwanted message on an announcement board or, more seriously, a directive that grants the attacker administrative permission for the site. Although credentials may be required to support the posting of data, security features on browsers are typically set to silently send the credentials. Since this attack can occur with one click of a hypertext link, the attack is called a one-click attack.
Some safeguards are available to prevent one-click attacks. For example, security settings in a browser may be set to never silently send credentials or never run script programs. While these safeguards may prevent one-click attacks, they also may inhibit the user from navigating the Web efficiently, by requiring extra keystrokes or input with a pointing device to navigate each Web site visited.
What is needed is a method that prevents one-click attacks but does not impede a user's ability to efficiently navigate the Web. This method should be stateless, that is, should not require the server to store information, such as a random number assigned to a user to serve as a tamper-free identification means.
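As an added example (not part of the original document), the following Python shows one way to meet the stateless requirement just described: the server embeds in the form it sends (step 2) a token derived with an HMAC from a secret the server already holds and the identity of the client's session, and on the POST (step 3) it recomputes and compares the token instead of looking anything up. A forged one-click post never fetched the form for that session, so it cannot carry a valid token. The secret key, session identifier, token lifetime, and field name are constructed assumptions.

```python
import hashlib
import hmac
import time

# Constructed for this example; a real server would load its key from configuration.
SERVER_SECRET = b"example-secret-key-not-for-production"
TOKEN_LIFETIME = 3600  # seconds a token stays valid; bounds replay without server state


def _sign(session_id, issued_at):
    """HMAC over the session identity and issue time; nothing here is stored by the server."""
    msg = "{}:{}".format(session_id, issued_at).encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_token(session_id, now=None):
    """Token the server places in the form it sends to the client (step 2)."""
    issued_at = int(now if now is not None else time.time())
    return "{}:{}".format(issued_at, _sign(session_id, issued_at))


def verify_token(token, session_id, now=None):
    """Recompute the token for this session on the POST (step 3) and compare it."""
    try:
        issued_str, sig = token.split(":", 1)
        issued_at = int(issued_str)
    except ValueError:
        return False  # malformed or missing token
    current = int(now if now is not None else time.time())
    if not 0 <= current - issued_at <= TOKEN_LIFETIME:
        return False  # token from the future or expired
    # Constant-time comparison so the check itself leaks nothing about the expected value.
    return hmac.compare_digest(sig, _sign(session_id, issued_at))


def handle_post(form, session_id, now=None):
    """Accept a posted announcement only when the form carries a token valid for this session.

    session_id is assumed to come from the credential the browser sends silently, which an
    attacker-triggered post also carries; the token is what that post cannot supply.
    """
    token = form.get("anti_forgery_token", "")
    if not verify_token(token, session_id, now):
        return "rejected"
    return "accepted"
```

Because the token is fully recomputable from the secret and the session identity, the server keeps no per-user random number and the scheme remains stateless as the passage requires.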