On Thu, Jan 14, 2010 at 9:20 AM, Tyler Close <[email protected]> wrote:
> The confidentiality of a resource can be compromised by a CSRF
> vulnerability in a legitimate client.
Can you define what you mean by CSRF? I think we must have different ideas about what the term means, because I don't understand that sentence.

For reference, here's a definition of CSRF that I wrote in 2008:

"In a cross-site request forgery (CSRF) attack, the attacker disrupts the integrity of the user's session with a web site by injecting network requests via the user's browser."
--- http://www.adambarth.com/papers/2008/barth-jackson-mitchell-b.pdf

Here's how Wikipedia defines CSRF:

"Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF ("sea-surf"[1]) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts."
--- http://en.wikipedia.org/wiki/Cross-site_request_forgery

In particular, both of these definitions talk about integrity violations on the server. You seem to be talking about a confidentiality issue on the client.

Adam
