Hi everybody, I've had this idea about how a browser could allow end users to protect themselves against CSRF and similar attacks. You can read about it at http://my.opera.com/haakeyar/blog/csrf-we-need-protection. (I'm sorry for posting it on the community site for the Opera browser, but I just needed a place to post it and I already had an account at Opera, so...) It was also mentioned in the last episode of The Command Line Podcast, at http://thecommandline.net/2007/12/23/news_125/ What do you guys think about this? Is it something that could be implemented some time in the future? Should a bug be filed about it? I understand that this in could be sort of overlapping with bug 117222, but in my opinion it is not exactly the same, even though a solution for this one would be a solution for that one. I also understand that maybe this should be in the wishlist-group instead, but since it is very security-related, I decided to post it here. Feel free to point me somewhere else.
Regards, Håkon _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
