Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 2 of 2
5 years ago
exesteam
Hi barbarianbob, that's exactly what I meant. Thanks. One question, is sub.domain.com different from domain.com ? (Provided that the cookie is strictly created for domain.com and not for subdomains or are there some problems?)
Forum: CSRF and Session Info
5 years ago
exesteam
Hi, I'm wondering if it's enough if I transfer my files through my dedicated IP? For example, my site is site.com and IP is 1.2.3.4, so I would transfer my files through http://1.2.3.4/file.gif Would this be safe? I know that a different domain will do, but what about using an IP? And what about subdomains? Of course I need to make sure that the site is indeed loaded as http://1.2.3
Forum: CSRF and Session Info
Current Page: 1 of 1