[Catalyst] preventing Cross Site Request Forgery

Bill Moseley moseley at hank.org
Tue Jun 19 15:11:10 GMT 2007


On Tue, Jun 19, 2007 at 04:10:25AM -0500, Jonathan Rockway wrote:
> http://www.25hoursaday.com/weblog/2007/06/05/WhatRubyOnRailsCanLearnFromASPNET.aspx
> 
> and realized that Catalyst is just as "vulnerable" as Rails.  So, I wrote 
> Catalyst::Plugin::FormCanary to solve the problem.  If you care about CSRF, 
> get it from CPAN, load it into your app, and stop worrying :)

Is this much different than Catalyst::Plugin::RequestToken?

-- 
Bill Moseley
moseley at hank.org




More information about the Catalyst mailing list