There's plenty of information on the inter-tube on the Cross Site Request Forgery Hack (CSRF, also known as XSRF and Confused Deputy - go on just Google those acronyms) so I'm only going to give a general overview of the exploit but know that it is a problem that has been around pretty much since the birth of of the internet, that browsers cannot prevent it (and have in the past aided it), and pretty much relies on a User's Trust / Stupidity.
Showing posts with label XSRF. Show all posts
Showing posts with label XSRF. Show all posts
Tuesday, 22 February 2011
Subscribe to:
Posts (Atom)