sgattani at gmail.com
Thu Aug 2 00:34:05 UTC 2012
I am working on a rather large scale portal and trying to utilize the JS
Token injection strategy. However, a lot of the links for which the portal
of injecting a token into them have thus far not succeeded. Could you
provide some guidance regarding this. I cannot blanket unprotect the GET
method as I am not sure if it is truly being utilized as read only (large
legacy code base with home grown toolkit).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-csrfguard