Do you notice all the other crazy bad things that the applications you use do? T... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on July 22, 2009 \| parent \| context \| favorite \| on: Hacking CSRF Tokens using CSS History Hack Do you notice all the other crazy bad things that the applications you use do? This is not a particularly virulent attack.

timf on July 23, 2009 [–]

Sure. And I noticed the tokens in URLs but did not usually care that much since they are over https which doesn't reveal the parameters. Now I do care.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact