Roy T. Fielding: “CSRF is not a security issue for the Web.”

0

http://lists.w3.org

«... CSRF is not a security issue for the Web. A well-designed Web service should be capable of receiving requests directed by any host, by design, with appropriate authentication where needed. If browsers create a security issue because they allow scripts to automatically direct requests with stored security credentials onto third-party sites, without any user intervention/configuration, then the obvious fix is within the browser... »

Full story »
can.axis's picture
Created by can.axis 15 years 12 weeks ago – Made popular 15 years 12 weeks ago
Category: High End   Tags:

Similar stories

GNOME Keyring 14 years 23 weeks ago
Is Firefox Fit for Enterprise Duty? 15 years 16 weeks ago
Firefox Security add-ons 16 years 15 weeks ago
MD5 considered harmful today 15 years 15 weeks ago

Best karma users

  1. andolasoft's picture
    andolasoft
  2. fred's picture
    fred
  3. nilarimogard's picture
    nilarimogard