CSRF: Flash + 307 redirect = Game Over |
[eluser]Unknown[/eluser]
Does anyone know if this security issue affects CodeIgniter's CSRF protection? http://lists.webappsec.org/pipermail/web...07533.html An fix for Rails' protection has already been released: http://weblog.rubyonrails.org/2011/2/8/c...y-on-rails |
Welcome Guest, Not a member yet? Register Sign In |