XSRF example

By Rory2 on September 26, 2006 7:28 AM

Google Cross-site Request Forgery

Cross Site Request Forgery is one of those vulnerability classes that can be a bit tricky to explain, so it's always nice to find a decent live example. This one's pretty harmless, just changes your google languange preferences, but I reckon that we'll see a real growth in this kind of problem over the next couple of years as "the bad guys"(tm) keep looking for innovative new ways to attack web apps.


Categories:

Categories

Monthly Archives

About this Entry

This page contains a single entry by Rory2 published on September 26, 2006 7:28 AM.

Fix for XSS problems wih in_place_edit was the previous entry in this blog.

Seriously Cool - Easy IE on linux is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

Powered by Movable Type 4.37

Search

About this Entry

This page contains a single entry by Rory2 published on September 26, 2006 7:28 AM.

Fix for XSS problems wih in_place_edit was the previous entry in this blog.

Seriously Cool - Easy IE on linux is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.