- changed status to open
JSONP export is sensitive to Cross-site request forgery attacks
Issue #1223
open
See http://en.wikipedia.org/wiki/JSON#Basic_Security_concerns: external websites visited by a user who is logged in to BibSonomy can read his private posts.
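The leak described in this issue, as an added example that is not BibSonomy's code and not part of the original report: a hypothetical export handler in its vulnerable form beside a hardened one. The function names, the request fields (`callback`, `sessionUser`) and the sample posts are assumptions made for illustration.

```javascript
// Added example: hypothetical export handler, not BibSonomy code.
// Constructed sample data: one public and one private post owned by "alice".
const POSTS = [
  { owner: "alice", title: "Public paper", visibility: "public" },
  { owner: "alice", title: "Draft notes", visibility: "private" },
];

// Posts visible to a viewer: public ones, plus the viewer's own private ones.
function visiblePosts(viewer) {
  return POSTS.filter(p => p.visibility === "public" || p.owner === viewer);
}

// Vulnerable shape: the session cookie decides visibility even when the
// response is executable script, which any origin can load via <script src>.
function exportVulnerable(req) {
  const body = JSON.stringify(visiblePosts(req.sessionUser));
  return req.callback
    ? { status: 200, type: "application/javascript", body: `${req.callback}(${body});` }
    : { status: 200, type: "application/json", body };
}

// Hardened shape: JSONP responses never use the ambient session, so they carry
// public data only. Private posts go out as plain JSON, which other origins
// cannot read unless CORS explicitly allows it.
const SAFE_CALLBACK = /^[A-Za-z_$][\w$]{0,63}$/;

function exportHardened(req) {
  if (!req.callback) {
    return { status: 200, type: "application/json",
             body: JSON.stringify(visiblePosts(req.sessionUser)) };
  }
  // Reject callback names that are not a plain identifier.
  if (!SAFE_CALLBACK.test(req.callback)) {
    return { status: 400, type: "text/plain", body: "invalid callback" };
  }
  const body = JSON.stringify(visiblePosts(null)); // anonymous view only
  return { status: 200, type: "application/javascript",
           body: `${req.callback}(${body});` };
}
```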
Comments (2)
- marked as trivial