Re: Form Security
- From: "Chung Leong" <chernyshevsky@xxxxxxxxxxx>
- Date: 10 Mar 2006 15:00:49 -0800
Jerry Stuckle wrote:
I know *exactly* how auto-form-submission works. In fact, from your
posts here I expect I know a lot more about it than you do. I've been
in this field too many years. What you describe is only *one way* it can
happen. And it's not even the most common.
What I described was a vulnerability that can be countered by the
method proposed by the OP. Thus I assumed that is in fact what he is
referring to when he said auto-submission and responded accordingly. I
don't really feel the need to interpret other people's statements in
the worst light in order to show that I'm more knowledgeable.
.
- Follow-Ups:
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- References:
- Form Security
- From: Scott
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Form Security
- Prev by Date: how do people feel about the PEAR db class?
- Next by Date: Re: Difference between get_cfg_var() and ini_get()
- Previous by thread: Re: Form Security
- Next by thread: Re: Form Security
- Index(es):
Relevant Pages
|
