Fixing CSRF exploits in Infrastructure
a.badger at gmail.com
Tue Nov 25 22:57:54 UTC 2008
Till Maas wrote:
> On Tue November 25 2008, Mike McGrath wrote:
>> GET vs POST is an interesting discussion. From a security point of view
>> though the only advantage is in how we log and that GET requests stay in
>> the logs.
> There may be also some other issues, e.g. when GET requests are used to submit
> confidential data, because then they may also be stored in the browsers
> history. But my concern was not about security issues.
>> Obviously though an authenticated web crawler could do accidently do some
>> serious damage.
> It would not be necessarily be serious damage, but the browser's session
> management could show annoying beheaviour, because then some requests could
> be made everytime a user restores are browser session.
For these issues we could either concentrate on fixing or mitigating
them. Fixing them would require the laborious changes I talked about
earlier to change the way the framework already processes the POST and
GET parameters before they get to us. Mitigation is easier -- we should
make it part of our best practices to never have links or GET driven
forms that make state changes when designing the UI and templates.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20081125/cd31154e/attachment.bin
More information about the infrastructure