ramiles Wrote: > > 1) I don't understand why cross-site request forgery (csrf) > should be considered an issue with a slimserver on a home network, and > why slimserver software should consider it. >
Well, it's not a problem if you're *only* on a home network since you will not presumably encounter anything malicious. But if you go onto the internet then it's feasible that a csrf attack could be launched against you. I won't go into explaining the details of a csrf attack since there are others elsewhere who have done a far more thorough and elegant job than I ever could. Suffice it to say that it *is* possible. In short: any site can request any url on the web and even pass in variables (through GET or POST) so it's important for the requested application to know what the source of the request is before acting on the request. ramiles Wrote: > > 2) There was no simple suggestion offered for a setting or patch for my > explorer 7.0. > Don't know what the issue is with explorer 7.0. Check it's security settings? I don't use the browser. You could always turn off CSRF protection (server settings -> security). It's pretty unlikely that an attack would be launched against your slimserver installation. ramiles Wrote: > > 3) I don't get this error on my Nokia 770 > Yeah, there's something wrong with your IE7 configuration. -- azinck3 ------------------------------------------------------------------------ azinck3's Profile: http://forums.slimdevices.com/member.php?userid=3967 View this thread: http://forums.slimdevices.com/showthread.php?t=23694 _______________________________________________ discuss mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/discuss
