CSRF protection done!
Toshio Kuratomi
a.badger at gmail.com
Sat Nov 28 06:15:24 UTC 2009
I'd just like to say thanks to G_work, mdomsch, lmacken, ricky,
ivazquez, mikem, and mbonnet. Thanks to the efforts of all of these people
we have finally succeeded in adding csrf protection to all of the web apps
we've coded for infrastructure[1]_. Congratulations guys on closing a
security flaw that plagues other major proprietary sites [2]_ to this day!
.. _[1]: https://fedorahosted.org/fedora-infrastructure/ticket/992
.. _[2]:
http://www.internetnews.com/security/article.php/3849616/Facebook+Hit+With+New+CSRF+Worm.htm
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20091127/37153f69/attachment.sig>
More information about the Fedora-infrastructure-list
mailing list