This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet"
From OWASP
| Line 1: | Line 1: | ||
== Don't post theoretical attacks, or "here say" on any OWASP page. == | == Don't post theoretical attacks, or "here say" on any OWASP page. == | ||
| − | + | If you edit this page, please provide a rational. If you make a mindless edit without rationalization, it maybe reverted. | |
| − | + | A referer check is a valid form of protection and is currently being used to stop the most dangerous CSRF vulnerability ever discovered (according to the DHS: http://www.kb.cert.org/vuls/id/643049). If you think it be exploited, PROVE IT. Stop spreading clearly false information on OWASP. | |
Revision as of 20:31, 7 August 2013
Don't post theoretical attacks, or "here say" on any OWASP page.
If you edit this page, please provide a rational. If you make a mindless edit without rationalization, it maybe reverted.
A referer check is a valid form of protection and is currently being used to stop the most dangerous CSRF vulnerability ever discovered (according to the DHS: http://www.kb.cert.org/vuls/id/643049). If you think it be exploited, PROVE IT. Stop spreading clearly false information on OWASP.
