Hello Curt,

Yes, the /. system depends on cookies to keep the user logged in.

However, a CSRF attack is NOT trying to access a third-party cookie. The web browser makes the same GET request whether it is using an <img/> tag or the user is clicking on a link. So in either case the cookies are in the context of the website to which the cookies belong. Maybe Chris can correct me, if I am wrong here.

Thanks.

Saqib Ali
http://validate.sf.net <<< XHTML/DocBook XML Validator and Transformer

Curt Zirzow <[EMAIL PROTECTED]>
08/16/2004 02:40 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] CSRF attack not possible in I.E. 6.01 SP1?

* Thus wrote [EMAIL PROTECTED]:
> Hello Chris,
>
> I can't share the exact code ;) , but here is something very similar:
>
> <img src="http://slashdot.org/my/logout" height="1" width="1">
>
> If I load a web page with the above code, it should log me out of
> slashdot. It works in Mozilla (and Netscape), but not in I.E. 6.01 SP1

I'm not sure how the /. logout system works, but my guess is that they rely on cookies to do this. Since that is a different site than the originating file, those cookies would be considered third party. I know in IE you can disable third-party cookie access.

Curt
--
First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid!

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
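The point Saqib makes above is why a cookie-only GET logout is forgeable from any page: the browser attaches the site's own cookies no matter who wrote the <img> tag. The usual fix is to make the state-changing request depend on something a third-party page cannot supply. The following is an added example, not code from this thread or from any site it mentions; the function names and the `csrf_token` field name are assumptions.

```php
<?php
// Added example (not from the mailing-list thread): a logout endpoint that
// cannot be completed by a cross-site <img> or bare link, because it needs
// a POST carrying a per-session secret that only the site's own page knows.
session_start();

// Issue one random token per session; the site's own logout form embeds it.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

// Constant-time comparison of the submitted token against the session copy.
function csrf_token_valid(array $session, array $post): bool
{
    if (empty($session['csrf_token']) || empty($post['csrf_token'])) {
        return false;
    }
    return hash_equals($session['csrf_token'], (string) $post['csrf_token']);
}

// The shape from the thread would be: any GET with the session cookie ->
// session_destroy(). Here a GET, including one triggered by an <img>, only
// renders the form; only a POST with a matching token actually logs out.
function handle_logout(string $method, array $post): string
{
    if ($method !== 'POST') {
        return 'show_form';
    }
    if (!csrf_token_valid($_SESSION, $post)) {
        http_response_code(403);
        return 'rejected';
    }
    session_destroy();
    return 'logged_out';
}

switch (handle_logout($_SERVER['REQUEST_METHOD'], $_POST)) {
    case 'logged_out':
        echo 'You have been logged out.';
        break;
    case 'rejected':
        echo 'Logout request rejected: missing or invalid CSRF token.';
        break;
    default:
        $token = htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES, 'UTF-8');
        echo '<form method="post" action="/logout">'
           . '<input type="hidden" name="csrf_token" value="' . $token . '">'
           . '<button type="submit">Log out</button></form>';
}
```

The token check works regardless of the browser's third-party cookie setting, which is what makes it a server-side fix rather than a client-side one; modern browsers additionally honor the SameSite cookie attribute, which stops the cookie from being sent on the cross-site <img> request in the first place.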

