Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming CSRF/XSRF protection different approach, is it safe?
CSRF/XSRF protection different approach, is it safe?
  • El Forum
    Guest
  •  
#5
04-08-2009, 04:18 PM

[eluser]Jelmer[/eluser]
That wasn't the kind of access I was worried about. This is about CSRF attacks, attacks through such an application wouldn't typicly be CSRF attacks.

I was worried about an flash or java application requesting stuff from one of my sites while using my existing cookies/sessions. It shouldn't get access when coming from an external site, but when it changes its headers (like the HTTP_REFERER header) it would break the above security measure. And I was wondering wheter such an application would be authenticated with my existing cookies, or wheter it wouldn't be allowed to use those cookies...

No one any knowledge on the safety of the above?


Messages In This Thread
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-05-2009, 09:09 PM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 01:16 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 04:36 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-06-2009, 04:48 AM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-08-2009, 04:18 PM
CSRF/XSRF protection different approach, is it safe? - by El Forum - 04-08-2009, 10:20 PM



Theme © iAndrew 2016 - Forum software by © MyBB