[TYPO3-dev] protecting TYPO3 against cross-site scripting and click-jacking attacks ?

Dmitry Dulepov dmitry.dulepov at gmail.com
Mon Apr 18 14:03:08 CEST 2011


Hi!

bernd wilke wrote:
> In the last sentence they mention
> plugins for WordPress, Drupal and Django.

Interesting becase Django has a built-in transparent protection against 
CSRF, which is on by default.

-- 
Dmitry Dulepov
TYPO3 core&security team member
E-mail: dmitry.dulepov at typo3.org
Web: http://dmitry-dulepov.com/




More information about the TYPO3-dev mailing list