W3C home > Mailing lists > Public > www-tag@w3.org > February 2010

ACTION-278: CSRF defense use case?

From: Jonathan Rees <jar@creativecommons.org>
Date: Tue, 16 Feb 2010 16:19:40 -0500
Message-ID: <760bcb2a1002161319y52a9b2a9v6e1f600f0e9857fe@mail.gmail.com>
To: Tyler Close <tyler.close@gmail.com>
Cc: www-tag@w3.org

I think it would be useful in this discussion to have a CSRF defense
use case on hand, since that's where this discussion started [1]. Can
you provide a simple but somewhat realistic scenario where unguessable
URIs might be helpful in CSRF defense?


[1] http://www.w3.org/2001/tag/2009/06/23-minutes.html#item05

Tracker, this is ACTION-278
Received on Tuesday, 16 February 2010 21:20:13 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:56:33 UTC