couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Bisbee <...@sbisbee.com>
Subject CSRF Security/Tokens Proposal
Date Mon, 21 Mar 2011 22:54:41 GMT
Greetings all,

I've put together a Proposal to Prevent CSRF Attacks on CouchDB with Tokens,
summarizing my thoughts and conversations with Paul Davis and Adam Kocoloski.

Basically, it's not going to be pretty, but it's better than remaining open
to CSRF attacks. And it would be configurable.

Check it out, and I look forward to your comments:
https://gist.github.com/817490

Cheers,

-- 
Sam Bisbee
www.sbisbee.com

Mime
View raw message