Avatar

preview.png has disappered, updated and figured out (General)

by Micha ⌂, Tuesday, July 03, 2018, 12:28 (2096 days ago) @ Auge

Hi Auge,

Would this make the token field really obsolete?

Yes, because only the server knows the salt (i.e. CSRF) token. It is not possible to generate the names of the form fields without having knowledge of the token (with some probability).

/Micha

--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences


Complete thread:

 RSS Feed of thread