"CSRF" is about protecting forms of "spamming", adding a field generated at runtime that identifies the form as unique. if the form is used otherwise than through the application, the field for "csrf" will not be valid, and therefore it will be identified as an attack. see it on wikipedia
http://en.wikipedia.org/wiki/Cross-site_request_forgery i apologize for my horrible english.. im' using google translator :) On Jan 20, 5:06 pm, Enrico Stahn <[email protected]> wrote: > Hello, > > I've wondered if it is uncommon to protect "normal" links against > attackers. I have found a feature request for this issue but no > response since one year. > > http://trac.symfony-project.org/ticket/5742 > > Maybe i misunderstood the concept of csrf in this case. Could somebody > give me clarification about this? > > Thanks > Enrico
-- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
