tapestry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thiago H. de Paula Figueiredo" <thiag...@gmail.com>
Subject Re: CSRF safeguard as GSoC task?
Date Mon, 14 Mar 2011 15:34:29 GMT
On Mon, 14 Mar 2011 12:01:30 -0300, Ulrich Stärk <uli@spielviel.de> wrote:

> I was just reviewing a Rails application when I stumbled upon Rails'  
> authenticity_token which guards
> against CSRF. Why don't we have something like that? ;)
>
> There are several approaches to this so a student's task would be to  
> evaluate them, discuss them
> with the community and implement the one chosen.

+1. By the way, unfortunately, I can't be a monitor this year. :(

-- 
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,  
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
http://www.arsmachina.com.br

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org


Mime
View raw message