Seba

Follow up on the OpenId post last week. Pdp has warned us against CSRF  attacks against OpenId  functionality:

“I hope that you understand the impact of this issue as it is one of the main things you will see when you deal with OpenID enabled systems. OpenID does make life easier bur if you don’t implement the infrastructure properly, you are asking for some serious trouble. “

More information online, recommended reading.

This entry was posted on Sunday, February 3rd, 2008 at 4:58 pm and is filed under Web Application Security Stories. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.