* Christopher Laco <[EMAIL PROTECTED]> [2008-01-23 04:45]: > If clients aren't using their browser against the REST > interface...than the worry of XSRF are dimished I would think.
Only if the browser-facing site does not allow the user to initiate destructive actions. That doesn’t seem like a very common scenario to me. Regards, -- Aristotle Pagaltzis // <http://plasmasturm.org/> _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
