--- Ed Lazor <[EMAIL PROTECTED]> wrote: > The link below goes to a page I found that describes CSRF a > little differently than what Chris was presenting - to give a > different perspective on things. > > http://www.squarefree.com/securitytips/web-developers.html
It doesn't seem to be different, actually. It just fails to elaborate much at all. For a non-Chris description of CSRF, you can always have a look at the original description: http://www.tux.org/~peterw/csrf.txt This is at least a little more complete. I think CSRF is a bit difficult for someone to grasp at first, especially within a few sentences. :-) Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php