[seam-dev] JSF and CSRF

Dan Allen dan.j.allen at gmail.com
Tue Mar 10 16:31:38 EDT 2009


I've put together a sample application [attached] that demonstrates the
various weaknesses that Christian has cited. It's a lame clone of Twitter. See
the README.txt to get started.

I will follow up later with a formal response to Christian's points.

-Dan

-- 
Dan Allen
Senior Software Engineer, Red Hat | Author of Seam in Action

http://mojavelinux.com
http://mojavelinux.com/seaminaction

NOTE: While I make a strong effort to keep up with my email on a daily
basis, personal or other work matters can sometimes keep me away
from my email. If you contact me, but don't hear back for more than a week,
it is very likely that I am excessively backlogged or the message was
caught in the spam filters.  Please don't hesitate to resend a message if
you feel that it did not reach my attention.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chatter-1.0.zip
Type: application/zip
Size: 119531 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/seam-dev/attachments/20090310/74892f5b/attachment.zip 

