- From: Daniel Glazman <daniel@glazman.org>
- Date: Mon, 07 Dec 2009 21:36:12 +0100
- To: Adam Barth <w3c@adambarth.com>
- Cc: public-web-security@w3.org
Adam Barth wrote: > I would encourage you to read the full thread before responding. A > more compelling risk is the theft of secret tokens used to protect > against CSRF. Those are stored in the default value of attributes of > input elements. I just started reading the thread. But it really starts with a false hypothesis and I replied to that. Let me explore the rest of the thread. After all, you did not get the whole thread yourself at the same moment, did you? </Daniel>
Received on Monday, 7 December 2009 20:36:52 UTC