[Owasp-turkey] CSRF ve Korunma

Mustafa Musa Ulker mulker at turksat.com.tr
Wed Sep 12 10:36:23 EDT 2007


Merhabalar,

CSRF'den soz acilmisken korunma yollarina da deginsek guzel olur diye dusunuyorum. Tek cozum secret tokenlar mi? HMAC'ler (keyed-Hash Message Authentication Code) daha etkin bir cozum degil mi? (PHP icin ornek implementasyon: http://pear.php.net/package/Crypt_HMAC )

Baska acilimlari olanlar?

Selamlar,

Mustafa Musa Ulker
Information Technologies

TURKSAT Satellite Communication and Cable TV Operator
Konya Yolu 40. Km. Golbasi / ANKARA - TURKEY
Tel : +90 312 615 30 00
Fax : +90 312 499 51 15
http://www.turksat.com.tr 



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-turkey/attachments/20070912/45b6f962/attachment.html 


More information about the Owasp-turkey mailing list