Changes between Initial Version and Version 2 of Ticket #15845
- 04/18/2011 07:27:41 PM (6 years ago)
- Property Status changed from
The CSRF validation compares request.COOKIES[settings.CSRF_COOKIE_NAME] and request.POST.get('csrfmiddlewaretoken', '') to see if a request is legal. But unfortunately both values are provided by the client side, and they are the same. So it is easy for attackers to fake a request so that no 403 will be thrown.

The attached project provides one url entry that returns "ok", unless CSRF fails. The following commands show how to cheat.