[cap-talk] solve CSRF by making references unforgeable, not unshareable

John Carlson john.carlson3 at sbcglobal.net
Wed Mar 25 11:30:59 EDT 2009


>
> This insight leads us to propose the following aphorism: Solve CSRF
> attacks by making references unforgeable, not by making them
> unshareable.

Wouldn't making SQL queries unforgeable solve the SQL injection  
problems?

Seems like a common thread.

John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20090325/eb3a7fdf/attachment.html 


More information about the cap-talk mailing list