On Monday, April 04, 2011, Laurence Rowe wrote:
> I'd be interested to know how other z3c.form users approach CSRF protection
> and what approach they would recommend.
I am okay with (1), but find (3) ore attractive. Since I am not familiar with
the token solution to avoid CSRF attacks, can you briefly describe the sequence
that is used to avoid those requests? Maybe we can some up with a tightly
integrated solution. I have no problem with modifying z3c.form to support such
Entrepreneur and Software Geek
Google me. "Zope Stephan Richter"
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -