"Diez B. Roggisch" <de...@nospam.web.de> writes:

> On 04.02.10 01:42, John Bokma wrote:

[..]

>> Maybe you should think about what happens if someone posts:
>> <img src="http://example.com/item_delete?id=123"> to a popular forum...
>
> And the difference to posting
>
> from urllib2 import urlopen
> from urllib import urlencode
>
> urlopen("http://example.com/item_delete", data=urlencode([("id", "123")]))
>
> to that same public "hacker" forum is exactly what?

Imagine that a user of example.com, logged in at example.com (i.e. with a
valid session ID in a cookie), visits the aforementioned (by me) forum, and
that he has an item 123. It will be deleted.

> If your webapp happens to allow item_delete to be called without
> authentication & authorization, then *that's* your problem.

You now understand that *with* a & a a GET request can be *still* harmful?

-- 
John Bokma                                                               j3b

Hacking & Hiking in Mexico -  http://johnbokma.com/
http://castleamber.com/ - Perl & Python Development

-- 
http://mail.python.org/mailman/listinfo/python-list
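The scenario John describes, modelled as an added example that is not part of the thread: a logged-in user's browser attaches the example.com session cookie to any request to that host, including the `<img>` GET planted on a third-party page, so authentication alone does not prevent the deletion. The session store, item store, `Request` class and handler names are constructed for the illustration; the hardened handler adds a per-session CSRF token that a cross-site page cannot read.

```python
# Added example (not from the thread). Models why an authenticated GET with
# side effects is still CSRF-able, and one hardening (POST + session-bound token).
import hmac
import secrets
from dataclasses import dataclass, field

SESSIONS = {"sess-abc": "alice"}      # constructed: session cookie -> user
ITEMS = {"alice": {123, 456}}         # constructed: user -> owned item ids
CSRF_SECRET = secrets.token_bytes(32)  # server-side secret for token MAC


@dataclass
class Request:
    method: str
    params: dict
    cookies: dict = field(default_factory=dict)


def user_from(req):
    """Authentication: resolve the session cookie the browser sent."""
    return SESSIONS.get(req.cookies.get("session"))


def item_delete_vulnerable(req):
    """Authenticated and authorized (only the owner's items), yet CSRF-able:
    any cookie-carrying GET from any origin is honoured."""
    user = user_from(req)
    if user is None:
        return 401
    ITEMS[user].discard(int(req.params["id"]))
    return 200


def csrf_token(session_id):
    """Token bound to the session; only same-origin pages can obtain it."""
    return hmac.new(CSRF_SECRET, session_id.encode(), "sha256").hexdigest()


def item_delete_hardened(req):
    """Requires POST plus a valid per-session token; a forged <img> GET or a
    cross-site form without the token is rejected before any state change."""
    user = user_from(req)
    if user is None:
        return 401
    if req.method != "POST":
        return 405
    expected = csrf_token(req.cookies["session"])
    if not hmac.compare_digest(req.params.get("csrf", ""), expected):
        return 403
    ITEMS[user].discard(int(req.params["id"]))
    return 200


def forged_get(session_cookie):
    """What the victim's browser sends for <img src=".../item_delete?id=123">."""
    return Request("GET", {"id": "123"}, {"session": session_cookie})
```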