On Wednesday, December 29, 2010 1:59:24 AM UTC-2, mdipierro wrote: > The book is incorrect. There is no problem with multiple forms per page
That is exactly what I said, but that is not my point. My point is: The fact that the book is incorrect may pose a security risk to users that follow it and don't know that it is incorrect. Users may code a CSRF vulnerable application by inadvertently disabling the CSRF protection when following the incorrect recommendation on the book. Regards, Fabiano.
