Forum OpenACS Q&A: Response to Bugtraq: cross site scripting

Collapse
17: Response to Bugtraq: cross site scripting (response to 1)
Posted by Jon Griffin on 03/28/02 04:07 PM
I still think the easiest way is to simply use a random number stored in a table that must be present for the dml to succeed.

Although it increases the use of the DB, the reality is mostly only admin pages need this security.