MY_Form_Validation w/ spam and CSRF protection |
[eluser]erik.brannstrom[/eluser]
Hey guys, I extended the form validation library the other day to deal with some issues I had with spam by using nonce words. I realized while I was at it that I might also be able to prevent CSRF attacks using the same idea. This might look like a shameless plug for my blog, but I really wish to get some input on this. If I get some support for this I'll add it to the wiki as soon as possible, since I believe this is a useful addition to the framework. http://blog.streambur.se/2010/06/no-nons...g-a-nonce/ UPDATE: New version at http://blog.streambur.se/2010/07/form-pr...revisited/ Best regards, Erik |
Welcome Guest, Not a member yet? Register Sign In |