Security

Hi, a firefox extension was recently released to grab session ID
cookies from a private network for the popular sites like facebook etc
You can read about it here http://goo.gl/x4Z1

I was wondering how Django sits with this type of attack. I know there
are the CSRF tokens, do they prevent this though? I thought they were
just for form posts?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.