Simon Willison’s Weblog

Items tagged csrf, security in 2005

Filters: Year: 2005 × csrf × security ×


Cross-site request forgery (CSRF). Somehow this vulnerability is news to me. # 6th May 2005, 11:07 pm

Fighting RFCs with RFCs

Google’s recently released Web Accelerator apparently has some scary side-effects. It’s been spotted pre-loading links in password-protected applications, which can amount to clicking on every “delete this” link — bypassing even the JavaScript prompt you carefully added to give people the chance to think twice.

[... 353 words]

Types

Years

Months

Tags