PEAK XOOPS - Re: Auto-Login redirect page 
Re: Auto-Login redirect page
Re: Auto-Login redirect page
msg# 1.1
- depth:
- 1
GIJOE
Posts: 4110
Posts: 4110
hi marcan.
I'm sorry that my answer is too late.
I know the redirection is not so convinience.
If there are no CSRF vulnerable code in core and modules, the 4 lines should be commeted-out.
But I have to say the core of 2.0.9.2 is not secure enough against CSRF attack.
But!
I'm glad to hear core team adopt token system in 2.0.10 and after.
Thus, the redirection will be eliminated in autologin-hack for 2.0.10 and after
I'm sorry that my answer is too late.
I know the redirection is not so convinience.
If there are no CSRF vulnerable code in core and modules, the 4 lines should be commeted-out.
But I have to say the core of 2.0.9.2 is not secure enough against CSRF attack.
But!
I'm glad to hear core team adopt token system in 2.0.10 and after.
Thus, the redirection will be eliminated in autologin-hack for 2.0.10 and after
Votes:5
Average:0.00
Posts tree
-
Auto-Login redirect page
(marcan, 2005/3/18 21:36)
-
Re: Auto-Login redirect page
(GIJOE, 2005/4/4 17:44)
-
Re: Auto-Login redirect page
(marcan, 2005/4/4 20:52)
-
Re: Auto-Login redirect page
(GIJOE, 2005/4/12 11:55)
-
Re: Auto-Login redirect page
(marcan, 2005/4/12 20:54)
-
-
-
-
Login