Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Re^2: Is your web application really secure? ("CSRF")

by MidLifeXis (Monsignor)
on Mar 29, 2007 at 17:26 UTC ( #607313=note: print w/replies, xml ) Need Help??


in reply to Re: Is your web application really secure? ("CSRF")
in thread Is your web application really secure? ("CSRF")

As far as I know you a malicious site can't fake a referer header* (unless maybe if you allow cross-site XMLHTTP - but all modern browsers prohibit that - right?)

Never trust the browser

--MidLifeXis

  • Comment on Re^2: Is your web application really secure? ("CSRF")

Replies are listed 'Best First'.
Re^3: Is your web application really secure? ("CSRF")
by Joost (Canon) on Mar 29, 2007 at 19:25 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://607313]
help
Chatterbox?
[LanX]: Yesterday I made B::Concise produce a nested AoH of the optree instead of text
LanX chacka!!!
[LanX]: whats the correct way to make a perlbug report for perldoc?
[erix]: chacka
[LanX]: with a diff? which perldoc version should I take from where?

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (9)
As of 2017-04-24 15:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I'm a fool:











    Results (442 votes). Check out past polls.