[pLog-svn] Anti CSRF solution

Mark Wu markplace at gmail.com
Thu Nov 29 08:51:58 EST 2007


Hi Matt:

I think I missed this one. 
> 
> The forced order of execution follows from the single 
> execution of an action. You simply chain the logic here and 
> force subsequent requests to have the previous one-time 
> tokens as well. This set of chained single requests ensures 
> that the order of the requests is preserved.
> The problem this is trying to solve is as follows: If ajax 
> requests are done out of order by a user (or skipped), this 
> could potentially cause problems.

This is what I want to know more about, thanks!!

Mark
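
Added example, not part of the original message and not pLog code: the chained one-time tokens described in the quoted text, in Python. The class name TokenChain, the step names and the HMAC-based derivation of each token from its predecessor are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class TokenChain:
    """Server-side state for one session's chain of one-time tokens."""

    def __init__(self, steps):
        self.steps = list(steps)            # required order of actions
        self.key = secrets.token_bytes(32)  # per-session secret, never sent
        self.position = 0                   # index of the next allowed step
        # First token, delivered with the page that starts the sequence.
        self.current = self._derive(secrets.token_hex(16), self.steps[0])

    def _derive(self, previous_token, action):
        # Bind each token to its predecessor and to exactly one action.
        msg = f"{previous_token}|{action}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def first_token(self):
        return self.current

    def submit(self, action, token):
        """Return (accepted, next_token); state is unchanged on rejection."""
        if self.position >= len(self.steps):
            return (False, None)            # chain already completed
        if action != self.steps[self.position]:
            return (False, None)            # skipped or out-of-order request
        if not hmac.compare_digest(token.encode(), self.current.encode()):
            return (False, None)            # forged, stale or replayed token
        self.position += 1                  # the presented token is now spent
        if self.position == len(self.steps):
            self.current = ""               # nothing further can be accepted
            return (True, None)
        self.current = self._derive(token, self.steps[self.position])
        return (True, self.current)


if __name__ == "__main__":
    chain = TokenChain(["preview", "save", "publish"])  # constructed steps
    t0 = chain.first_token()
    print("skip ahead:", chain.submit("save", t0))
    ok, t1 = chain.submit("preview", t0)
    print("in order:  ", ok)
    print("replay:    ", chain.submit("preview", t0))
```

The server stores only the latest token and the position in the sequence, so a request that skips a step, arrives out of order or reuses a spent token is rejected without changing state.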