You are right. We will fix it in the next edition.
On Dec 28, 10:15 pm, Fabiano <[email protected]> wrote: > On Wednesday, December 29, 2010 1:59:24 AM UTC-2, mdipierro wrote: > > The book is incorrect. There is no problem with multiple forms per page > > That is exactly what I said, but that is not my point. > > My point is: The fact that the book is incorrect may pose a security risk to > users that follow it and don't know that it is incorrect. > > Users may code a CSRF vulnerable application by inadvertently disabling the > CSRF protection when following the incorrect recommendation on the book. > > Regards, > Fabiano.
