Forum OpenACS Q&A: Response to Bugtraq: cross site scripting

Posted by Jon Griffin on
I still think the easiest way is to simply use a random number stored in a table that must be present for the DML to succeed.

Although it increases the use of the DB, the reality is mostly only admin pages need this security.