This link has been bookmarked by 14 people . It was first bookmarked on 19 May 2007, by harry.
-
30 Aug 07
-
Cross Site Request Forgery is very simple. A malicious site asks the user's browser to carry out an action on a site that the user has an active session on and the victim site carries out that action believing that the user intended that action to occur. In other words the problem arises when a web application relies purely on session cookies to authenticate requests.
-
-
23 Aug 07
-
19 Jul 07
-
05 Jun 07
M GCross Site Request Forgery web app vulnerability (using existing open session)
-
19 May 07
-
SRF is the new bad guy in web application security. Everyone has worked out how to protect their SQL database from malicious input, and RoR saves you from ever having to worry about this. Cross site scripting attacks are dying and the web community even managed to nip most JSON data leaks in the bud.
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.