
Perl: the Markov chain saw
	PerlMonks

Is your web application really secure? ("CSRF")

by tinita (Parson)

on Mar 27, 2007 at 18:49 UTC ( [id://606832]=perlmeditation: print w/replies, xml )

Need Help??

Help for this page

Select Code to Download

Select or download this

<form action="http://yourdomain.example/script" method="POST">
<input type="text" name="realname">
<input type="submit" name="submit.save_realname" value="Save">
</form>

Select or download this

if ($cgi->param('submit.save_realname')) {
  my $name = $cgi->param('realname');
...
  $user->realname($name);
  $user->update;
}

Select or download this

<img src="http://yourdomain.example/script?submit.save_realname=1;real
+name=owned" height="0" width="0" alt="">
or even:
<meta http-equiv="refresh" content="0; URL=http://yourdomain.example/s
+cript?submit.save_realname=1;realname=owned">

Select or download this

<body onLoad="document.forms[0].submit()">
<form action="http://yourdomain.example/script" method="POST">
<input type="text" name="realname">
<input type="submit" name="submit.save_realname" value="Save">
</form>

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: perlmeditation [id://606832]
Approved by Corion
Front-paged by Corion
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others goofing around in the Monastery: (7)

As of 2024-04-19 13:05 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found