WebApp Sec mailing list archives

RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT

From: Chris Shiflett <shiflett () php net>
Date: Mon, 16 Aug 2004 11:25:09 -0700 (PDT)

--- Jay Blanchard <jay.blanchard () niicommunications com> wrote:

[snip]
Perhaps the question could be asked another way and be more on
topic.

Is there a fix in I.E. 6.01 that would interfere with PHP being
able to generate different mime types on the fly, like .png or
.jpg????
[/snip]

a. But that wasn't what he asked.


Actually, that's exactly what he asked, just rephrased. :-)

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
     Coming Fall 2004
HTTP Developer's Handbook - Sams
     http://httphandbook.org/
PHP Community Site
     http://phpcommunity.org/

Current thread:

RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT Jay Blanchard (Aug 17)
- RE: [PHP] CSRF attack not possible in I.E. 6.01 SP1? WOT Chris Shiflett (Aug 17)