During the last couple of months a lot has been said about Cross-site request forgeries and how to prevent them. Before presenting my approach of dealing with this type of attacks, let’s have a look on what Cross-site request forgeries are, for one more time. As I have discussed in the past, CSRF vulnerabilities occur on applications which allow every request that has a valid session identifier to be processed by the application business logic. This is bad for a number of reasons. More details see the URL : www.gnucitizen.org/blog/preventing-csrf
Posted on Friday, March 30th, 2007 at 7:28 pm and under category News.
You can read any responses through the RSS 2.0 feed.
You can give a response, or trackback from your site.