This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients Arfrever, Tim.Graham, berker.peksag, georg.brandl, pitrou, r.david.murray
Date 2014-11-04.18:34:36
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <[email protected]>
In-reply-to
Content 
The security issue isn't easy to explain, it involves an elaborated set of services (browser, Web site...) each having a slightly different notion of cookie parsing to mount an attack allowing to bypass CSRF protection on certain Python-powered frameworks. It's from a report made to [email protected].
History
Date User Action Args
2014-11-04 18:34:36pitrousetrecipients: + pitrou, georg.brandl, Arfrever, r.david.murray, berker.peksag, Tim.Graham
2014-11-04 18:34:36pitrousetmessageid: <[email protected]>
2014-11-04 18:34:36pitroulinkissue22796 messages
2014-11-04 18:34:36pitroucreate

Follow Lee on X/Twitter - Father, Husband, Serial builder creating AI, crypto, games & web tools. We are friends :) AI Will Come To Life!

Check out: eBank.nz (Art Generator) | Netwrck.com (AI Tools) | Text-Generator.io (AI API) | BitBank.nz (Crypto AI) | ReadingTime (Kids Reading) | RewordGame | BigMultiplayerChess | WebFiddle | How.nz | Helix AI Assistant