Package: wnpp Owner: Nicholas Bamber <[email protected]>, Jaldhar H. Vyas <[email protected]> Severity: wishlist X-Debbugs-CC: [email protected],[email protected]
* Package name : libcgi-application-plugin-protectcsrf-perl Version : 1.01 Upstream Author : Akira Horimoto <[email protected]> * URL : http://search.cpan.org/dist/CGI-Application-Plugin-ProtectCSRF/ * License : Artistic or GPL-1+ Programming Lang: Perl Description : plugin to generate and verify anti-CSRF challenges CGI::Application::Plugin::ProtectCSRF is a CGI::Application plugin that helps protect against CSRF attacks. It works by tying back the processing of a form to the display of a form. A cross-site request forgery is a form of online attack in which Mr Attacker posts what appears to be an image in, say, a forum. However the image src attribute is carefully crafted to undertake some action desired by Mr Attacker on the target website. The trap is sprung when Mr Victim, logs on to the target website and then views the image set up by Mr Attacker in the same browser. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
