thomblake comments on Positive Bias Test (C++ program) - Less Wrong

26 Post author: MBlume 19 May 2009 09:32PM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Article Navigation

Comments (75)

Comments (75)

Sort By: Best

You are viewing a single comment's thread. Show more comments above.

Comment author: thomblake 20 May 2009 07:32:45PM 3 points [-]

there are working solutions to these problems

Such as? The only working solutions I know of are server-side, or disallowing javascript and/or cookies.

The position under discussion is that all things considered, turning scripting off seems to be a wrong decision.

No, the position under discussion is that turning Javascript off is "just totally stupid". If one can provide good pro tanto reasons for doing so, it is at least not "just totally stupid".

Comment author: taw 20 May 2009 09:01:23PM 0 points [-]

Disallowing Javascript does NOT protect you against CSRF - "Press button to see kittens" form works without any Javascript. The right solution is server-side - auth tokens for all cookie-validated write forms.

thomblake comments on Positive Bias Test (C++ program) - Less Wrong

Article Navigation

Comments (75)

Nearest Meetups

Virtual Study Room

Recent Comments

Recent Posts

Recent Rationality Quotes

Recent Wiki Edits

Top Contributors, 30 Days

Recent Karma Awards

Comments (75)

Top Contributors, 30 Days

You'll need to login or register to do that

(Don't worry, it only takes a few seconds)

Create

Login