Fixing CSRF exploits in Infrastructure

Chuck Anderson cra at WPI.EDU
Wed Nov 26 18:00:39 UTC 2008

On Wed, Nov 26, 2008 at 09:47:06AM -0800, Toshio Kuratomi wrote:
> Pretty much agreed on this analysis.  My one note is that in my usage,
> at least, I already have to login most of the time when clicking on a
> link in bugzilla or email due to my session having expired already.

Stange.  I almost never have to re-login to bugzilla once I've logged 
in on a particular system.

More information about the infrastructure mailing list