JGWeissman comments on Positive Bias Test (C++ program) - Less Wrong

26 Post author: MBlume 19 May 2009 09:32PM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Comments (75)

You are viewing a single comment's thread. Show more comments above.

Comment author: JGWeissman 20 May 2009 10:33:16PM 0 points [-]

Reading up about this a bit more it does appear that noscript does help against XSRF even those that don't use javascript, by changing post requests to untrusted sites to empty gets.

Neat. Though I think you meant "changing post requests from untrusted sites to trusted sites to empty gets", as would be expected to protect against Cross Site Forgery.