On Sun, Apr 14, 2013 at 4:59 AM, Tom Christie wrote:
> One minor correction worth pointing out...
>
> "The first defense against CSRF attacks is to ensure that GET requests are
>>> side-effect free." What's meant by "side effect free"?
>>
>>
>
> It means that the request
One minor correction worth pointing out...
"The first defense against CSRF attacks is to ensure that GET requests are
>> side-effect free." What's meant by "side effect free"?
>
>
It means that the request must be idempotent - that if you make the same
> request on the server multiple times,
Russ,
This is a really great explanation of CSRF vulnerabilities, and I think I
have a handle on what I need to do now.
Thanks for taking to time to spell things out for me.
>
>
Best,
Spork
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To
On Fri, Apr 12, 2013 at 10:49 AM, wrote:
> Hi,
>
> I'm fairly new to web development and Django, and I'm trying to make sure
> my application is protected against CSRF attacks. I've read through
> https://docs.djangoproject.com/en/dev/ref/contrib/csrf/, but I'm not
>
Hi,
I'm fairly new to web development and Django, and I'm trying to make sure
my application is protected against CSRF attacks. I've read through
https://docs.djangoproject.com/en/dev/ref/contrib/csrf/, but I'm not
confident I'm understanding it fully. I'd be very grateful for some
5 matches
Mail list logo