jacques.le.roux wrote:
>
>
> It seems that's Michele (euronymous) saying <<it only minimizes XSRF
> (without actually eliminating it) restricting the attack window
> time>> has a point there.
> We may lean on his specific (hobby, best ones, with deep motivation ;o)
> knowledge and guide him where/if he feels so ?
>
> Jacques
>
>
Jacques, David, developers...
It would be a pleasure to work on Ofbiz security, from both a developer and
attacker point of view...
It would be a good exercise for me, to deeply understand Ofbiz internals.
Maybe we can share your knowledge in ofbiz core, and my knowledge about web
app security...
If you can point me in the right way, as Jacques said, I will develop the
solution together with you...
Let me know
Michele
--
View this message in context:
http://www.nabble.com/Security-Issues-tp21622188p21639770.html
Sent from the OFBiz - Dev mailing list archive at Nabble.com.
