2010-11-22 06:10:56
dave b.
description
So while checking the REFERER is ok in most situations, it may be possible to spoof the REFERER.
If an attacker can spoof the REFERER they can potentially post to a URL like https://launchpad.net/~USERNAME/+editsshkeys and add their SSH key.
Really, CSRF tokens should be used in forms.
[0] - https://answers.launchpad.net/launchpad/+faq/1024
[1] - http://www.cgisecurity.com/csrf-faq.html
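As an added illustration of the per-session token check the report asks for, beside the Referer-only check it criticises (example code added here, not Launchpad's own; the secret, SITE_ORIGIN, the session id and the form contents are constructed for the example):

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret for this example; a real deployment keeps it
# in configuration, never in source, and rotates it.
SECRET_KEY = secrets.token_bytes(32)
SITE_ORIGIN = "https://launchpad.net"  # assumed origin for the Referer check


def issue_csrf_token(session_id: str) -> str:
    """Mint a token bound to the caller's session: nonce + HMAC(secret, session:nonce)."""
    nonce = secrets.token_hex(16)
    msg = f"{session_id}:{nonce}".encode()
    mac = hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare it in constant time."""
    nonce, sep, mac = token.partition(".")
    if not sep or not nonce or not mac:
        return False
    msg = f"{session_id}:{nonce}".encode()
    expected = hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def referer_only_check(headers: dict) -> bool:
    """The weak check the report describes: trust the Referer header alone."""
    return headers.get("Referer", "").startswith(SITE_ORIGIN)


def accept_post(session_id: str, form: dict) -> bool:
    """Hardened check: the submitted form must carry a token minted for this
    session. A cross-site form cannot read the victim's page, so it cannot
    include a valid token, whatever its Referer header says."""
    return verify_csrf_token(session_id, form.get("csrf_token", ""))


if __name__ == "__main__":
    sid = "session-abc"  # constructed session id
    headers = {"Referer": "https://launchpad.net/~user/+editsshkeys"}
    good_form = {"csrf_token": issue_csrf_token(sid), "sshkey": "ssh-ed25519 AAAA..."}
    forged_form = {"sshkey": "ssh-ed25519 AAAA..."}  # cross-site post, no token
    print("referer check alone:", referer_only_check(headers))   # True
    print("token check, own form:", accept_post(sid, good_form))  # True
    print("token check, forged:", accept_post(sid, forged_form))  # False
```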