Hi,
thanks for the recent security fixes regarding potential CSRF attacks! I
checked our mischief logs for relevant messages today and the only one I
found was this:
Nov 24 19:33:24 2021 (117276) Form for user x...@smail.uni-koeln.de
submitted with CSRF token issued for x...@smail.uni-koeln.de.
The only difference is in the case of the email address. I’m no expert
on CSRF attacks, but to me it seems as though the comparison should
perhaps disregard differences in case only?
Thanks,
Sebastian
--
.:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
.:.Universität zu Köln / Cologne University - ✆
+49-221-470-89578.:.
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
