[Owasp-turkey] CSRF ve Korunma
Mustafa Musa Ulker
mulker at turksat.com.tr
Wed Sep 12 10:36:23 EDT 2007
Merhabalar,
CSRF'den soz acilmisken korunma yollarina da deginsek guzel olur diye dusunuyorum. Tek cozum secret tokenlar mi? HMAC'ler (keyed-Hash Message Authentication Code) daha etkin bir cozum degil mi? (PHP icin ornek implementasyon: http://pear.php.net/package/Crypt_HMAC )
Baska acilimlari olanlar?
Selamlar,
Mustafa Musa Ulker
Information Technologies
TURKSAT Satellite Communication and Cable TV Operator
Konya Yolu 40. Km. Golbasi / ANKARA - TURKEY
Tel : +90 312 615 30 00
Fax : +90 312 499 51 15
http://www.turksat.com.tr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-turkey/attachments/20070912/45b6f962/attachment.html
More information about the Owasp-turkey
mailing list