Fixing CSRF exploits in Infrastructure
cra at WPI.EDU
Wed Nov 26 18:00:39 UTC 2008
On Wed, Nov 26, 2008 at 09:47:06AM -0800, Toshio Kuratomi wrote:
> Pretty much agreed on this analysis. My one note is that in my usage,
> at least, I already have to login most of the time when clicking on a
> link in bugzilla or email due to my session having expired already.
Stange. I almost never have to re-login to bugzilla once I've logged
in on a particular system.
More information about the infrastructure