PEAK XOOPS - News comment 
News comment
Comments for News of this site(Moderator:Administrator)
- As this forum is only for commentation, you cannot open a new topic
- Guests cannot post into this forum
News comment
| Target | News |
| Subject | under the topic of against CSRF ... (2) |
| Summary | XOOPS has a simple system preventing from CSRF in DB layer. POST && Good Referer --> allow all SQL !POST || Bad Referer --> allow only SQL starting with "SELECT"This is troublesome.If someone post a news with referer off, he will get message "Your post... |
| hits 1 items | Replies | Views | Votes | Average | First post | Latest post | |
|---|---|---|---|---|---|---|---|
 |  Re: under the topic of against CSRF ... (2) | 1 | 11188 | 2 | 5.00 | 2006/6/1 8:38 skalpa  | 2006/6/2 6:48 GIJOE |
= Topic with new posts
= Topic without new posts
= Invisible topic (Only admins and moderators can read this)
= Sticky topic
= Locked topic- = Unsolved topic
= Marked
Login