in reply to Apache2::AuthCookieDBI, Mason, and protecting against Cross-Site Request Forgery (CSRF)

Well, AFAIK, cookies don't protect against CSRF
  • Comment on Re: Apache2::AuthCookieDBI, Mason, and protecting against Cross-Site Request Forgery (CSRF)

Replies are listed 'Best First'.
Re^2: Apache2::AuthCookieDBI, Mason, and protecting against Cross-Site Request Forgery (CSRF)
by Anonymous Monk on Sep 21, 2012 at 22:57 UTC
    Yes, I know. That's why the site is vulnerable.
[reply]

In Section Seekers of Perl Wisdom