WebApp Sec mailing list archives
RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT
From: Chris Shiflett <shiflett () php net>
Date: Mon, 16 Aug 2004 11:25:09 -0700 (PDT)
--- Jay Blanchard <jay.blanchard () niicommunications com> wrote:
[snip] Perhaps the question could be asked another way and be more on topic. Is there a fix in I.E. 6.01 that would interfere with PHP being able to generate different mime types on the fly, like .png or .jpg???? [/snip] a. But that wasn't what he asked.
Actually, that's exactly what he asked, just rephrased. :-) Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/
Current thread:
- RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT Jay Blanchard (Aug 17)
- RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT Chris Shiflett (Aug 17)