Hi again, I am open to learn, so please tell me, whats the benefit of url obscurity if not protecting against CSRF. A large german social network uses that to protect against CSRF - though they do not use UUIDs. Just links like domain.tld/long_random_looking_stuff_here, it works against mining too. I do not think UUIDs work against mining so well as they are not meant to be very random but very unique (e.g. following a pattern).
The above poster for sure wants to take a look at the security component, as I mentioned. Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
