Comment 37 for bug 560246
Revision history for this message
| Kirils Solovjovs (linux-kirils) wrote | #37 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
I think they would show that Lauchpad is already currently vulnerable to XSRF and nothing would change in that respect. So, is there a specific standart or ready made testcases that need to be presented to go forward with this change?
If not, and just plain speculation is enough - take my word for it - XSRF is already possible and should NOT be "solved" by checking ref header.