> -----Original Message----- > Definitely, but most CSRF attacks are meant to spoof a request from the > legitimate user to some Web site where he/she already has privilege. Thus, > the receiving site is usually as much the victim as the user. > > I'm not sure if that makes any sense... :-)
It does =) -Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
