Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming CSRF/XSRF protection different approach, is it safe?
CSRF/XSRF protection different approach, is it safe?
  • El Forum
    Unregistered
  •  
#3
04-06-2009, 04:36 AM

[eluser]Jelmer[/eluser]
I've been thinking and doing some Google searches, the biggest danger should come from Flash & Java. Would it be possible for a Flash or Java program running on another site to use my session on my own site and fake the headers before doing so? I'd think those types of applications wouldn't have access to off-site cookies when doing requests but I'm not entirely sure...

tomcode, I know but I have the URL helper autoloaded in all my applications so I'm just used to site_url(). I only loaded the helper here to show it's used in the example.


Messages In This Thread
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-05-2009, 09:09 PM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 01:16 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 04:36 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 04:48 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-08-2009, 04:18 PM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-08-2009, 10:20 PM



Theme © iAndrew 2016 - Forum software by © MyBB