[pLog-svn] Anti CSRF solution

Mark Wu markplace at gmail.com
Fri Nov 23 02:48:36 EST 2007


We don't need to modify the php.ini...

BE\ecasue we use "front controller" pattern ...

So, we can add it to lifetype only modify admin.php, just a wild guess.

Mark 

> -----Original Message-----
> From: plog-svn-bounces at devel.lifetype.net 
> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of 
> Oscar Renalias
> Sent: Friday, November 23, 2007 3:43 PM
> To: LifeType Developer List
> Subject: Re: [pLog-svn] Anti CSRF solution
> 
> Looks interesting, but it's too bad that it requires 
> modifications to php.ini...
> 
> On Nov 23, 2007 9:30 AM, Mark Wu <mark.wu at markplace.net> wrote:
> >
> >
> > I know we discussion this issue before, but seems there is 
> no soluton 
> > for this.
> >
> > This come the code from google code, maybe we can borrow 
> the idea from 
> > this tool
> >
> > http://code.google.com/p/csrfx/
> >
> > Mark
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://limedaley.com/mailman/listinfo/plog-svn
> >
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn



More information about the pLog-svn mailing list