MetaTalk

Hmm.. nope. Can the mods, uh, modify the intro to this question? [more inside]
posted by yonation on Nov 22, 2008 - 79 comments

Is MeFi protected against CSRF? I know the logout link isn't (should be a form button anyway) and could be triggered by displaying an image to a MeFi user, but if the forms are vulnerable things could get nasty (imagine someone posting a link that changes your prefs, or makes you create a post, etc.). Just askin'...
posted by malevolent on Oct 22, 2006 - 97 comments