Tuesday, August 6, 2013

Re: Security Advisory: BREACH and Django

On Tuesday, August 6, 2013 3:42:01 PM UTC+1, Jacob Kaplan-Moss wrote:

We plan to take steps to address BREACH in Django itself, but in the meantime we recommend that all users of Django understand this vulnerability and take action if appropriate.


Would randomizing the CSRF token on each request be the correct way to fix this in Django?

Tom 

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

posted by twitter @ 9:16 AM   0 Comments

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home


Real Estate