1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
Source: libcgi-application-plugin-protectcsrf-perl
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Section: perl
Testsuite: autopkgtest-pkg-perl
Priority: optional
Build-Depends: debhelper-compat (= 13), libmodule-build-perl
Build-Depends-Indep: perl,
libcgi-application-plugin-session-perl,
libhtml-parser-perl,
libhtml-template-perl,
libtest-pod-perl,
libtest-pod-coverage-perl
Standards-Version: 3.9.6
Vcs-Browser: https://salsa.debian.org/perl-team/modules/packages/libcgi-application-plugin-protectcsrf-perl
Vcs-Git: https://salsa.debian.org/perl-team/modules/packages/libcgi-application-plugin-protectcsrf-perl.git
Homepage: https://metacpan.org/release/CGI-Application-Plugin-ProtectCSRF
Package: libcgi-application-plugin-protectcsrf-perl
Architecture: all
Depends: ${misc:Depends},
${perl:Depends},
perl,
libcgi-application-plugin-session-perl,
libhtml-parser-perl
Enhances: libcgi-application-perl
Description: plugin to generate and verify anti-CSRF challenges
CGI::Application::Plugin::ProtectCSRF is a CGI::Application plugin that
helps protect against CSRF attacks. It works by tying back the processing
of a form to the display of a form.
.
A cross-site request forgery is a form of online attack in which Mr Attacker
posts what appears to be an image in, say, a forum. However the image src
attribute is carefully crafted to undertake some action desired by Mr Attacker
on the target website. The trap is sprung when Mr Victim, logs on to the
target website and then views the image set up by Mr Attacker in the same
browser.
|
