Clear questions and runnable code get the best and fastest answer |
|
PerlMonks |
Re^2: Is your web application really secure? ("CSRF")by MidLifeXis (Monsignor) |
on Mar 29, 2007 at 17:26 UTC ( [id://607313]=note: print w/replies, xml ) | Need Help?? |
As far as I know you a malicious site can't fake a referer header* (unless maybe if you allow cross-site XMLHTTP - but all modern browsers prohibit that - right?) --MidLifeXis
In Section
Meditations
|
|