|
|
Post by _ Guido _ on Oct 21, 2014 11:11:11 GMT 1
If you go in KoGaMa EU and if you do right click and click on intelligence of the page you'll se at a place CSRFToken, that's a pirate hack. Look Daniel and warnd Caspar ! That's an attack I also found we could stop this attack en.wikipedia.org/wiki/Cross-site_request_forgery. |
|
|
|
Post by _ Guido _ on Oct 21, 2014 11:12:22 GMT 1
It is on US and BR too  |
|
|
|
Post by YL on Oct 21, 2014 14:16:49 GMT 1
99,99999999999% sure this is intentionally placed by the admins to serve a real purpose
|
|
|
|
Post by _ Guido _ on Oct 21, 2014 14:24:43 GMT 1
Nope becase that's not a protection but a hack, why admins would hack KoGaMa ?
|
|
|
|
Post by YL on Oct 21, 2014 14:29:53 GMT 1
It is a protection...
This is from a developer forum:
Okay guys i am writing a django application and i just want an idea of what actually a csrf token is and how does it protect the data ? if we don't use csrf tokens, isn't the the post data safe ??
Well i know how to use csrf_token but just need some information is how it works. Thanks
This is the reply:
The site generates a unique token when it makes the form page. This token is required to post/get data back to the server.
Since the token is generated by your site and provided only when the page with the form is generated, some other site can't mimic your forms -- they won't have the token and therefore can't post to your site.
CSRFToken is added to Kogama to protect you from csrf attacks
|
|
|
|
Post by _ Guido _ on Oct 21, 2014 14:58:11 GMT 1
Oh I got it ^^
|
|
