-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all
I've done a article on CSRF protection (with demos) which may help you develop your OpenID site. I found many of your sites to be very open to CSRF attacks so please take the time to review my article and demos. http://www.thespanner.co.uk/2007/08/20/protection-against-csrf/ http://www.businessinfo.co.uk/labs/csrf_defend/csrf_demos.php Cheers Gareth -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkbNRmUACgkQrR8fg3y/m1Bm0gP/dC/2husxskKxKUFowmtlLOEEPM8b 3eA1YqoLlGs8OREOu1htWMswyE1le+TtGDWh2Joye2KDbdTuO0JvQ0DcKWRkWxwlc1Ve jEdTOVwvza18YRGsUhjvW7I2ji/uwXEu5ZSXSZk2mjmirQVYbcv5zFkIupvHuPB/8uqt IKHNQYE= =IXVT -----END PGP SIGNATURE----- -- Click for free home mortgage rates from top companies. http://tagline.hushmail.com/fc/Ioyw6h4d9W6EUsV6v1mwVsAH8t20s7vOgacpi189CBBihZ1Jq2LHI4/ _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
