On Thursday, February 10, 2011 4:48:05 PM UTC, Brian Craft wrote:
>
> I'll have to look at this in more detail, but two notes, off the top.
>
> First, port 80 is kept open because the browser will try port 80 if
> the user types in the URL without the protocol. On port 80 all we do
> is issue a redirect to https, but the client will have spilled the
> cookies by then.
>
> Second, the most likely scenario for this to happen is with a wireless
> MITM. E.g. an attacker sits in, or near, a coffee shop or office, with
> a laptop set up as an AP, trolling for connections from unsuspecting
> users. If anyone connects, the laptop can be used as a MITM. So, for
> example, when the user types the URL and hits port 80, the MITM can
> create an https connection to the target site, and return it via http.
>
> I'm not certain there's a CSRF attack here, but I suspect there is.
>

Just a warning: if you think you're getting close to identifying a security hole, please don't post it in a public newsgroup, but email it directly to the private Django security list: secur...@djangoproject.com

--
DR.
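An added example, not part of the thread, that checks the port-80 cookie spill Brian describes from the defender's side: Python's standard-library cookie jar applies the same Secure-attribute rule a browser does, so it shows whether a session cookie stored after an HTTPS login is attached to the plain http:// request a bare hostname produces. The hostname app.example and the cookie value are constructed; the Set-Cookie lines mimic the shape Django emits for its session cookie with SESSION_COOKIE_SECURE off and on.

```python
"""Does the session cookie go out over plain HTTP (port 80) before the
redirect to HTTPS?  http.cookiejar enforces the Secure attribute exactly
the way a browser does, so we can test it offline."""
import http.cookiejar
import urllib.request
from email.message import Message

SITE = "app.example"  # constructed, hypothetical hostname


class _SetCookieResponse:
    """Minimal stand-in for an HTTP response: CookieJar only calls .info()
    to read the response headers."""

    def __init__(self, set_cookie_values):
        self._headers = Message()
        for value in set_cookie_values:
            self._headers["Set-Cookie"] = value  # Message appends, so repeats are kept

    def info(self):
        return self._headers


def jar_after_login(set_cookie_values):
    """Simulate the browser storing cookies from an HTTPS login response."""
    jar = http.cookiejar.CookieJar()
    login = urllib.request.Request(f"https://{SITE}/login/")
    jar.extract_cookies(_SetCookieResponse(set_cookie_values), login)
    return jar


def cookie_header_for(jar, url):
    """Cookie header the browser would attach to a request for `url`,
    or None if no stored cookie is eligible for that scheme/host/path."""
    req = urllib.request.Request(url)
    jar.add_cookie_header(req)
    return req.get_header("Cookie")


# Constructed Set-Cookie lines: Django session cookie with
# SESSION_COOKIE_SECURE = False, then SESSION_COOKIE_SECURE = True.
INSECURE = ["sessionid=abc123; Path=/; HttpOnly"]
SECURE = ["sessionid=abc123; Path=/; Secure; HttpOnly"]


def leaks_on_port_80(set_cookie_values):
    """True if typing the bare hostname (http://, port 80) would carry the
    session cookie in the clear before the server's redirect to https."""
    jar = jar_after_login(set_cookie_values)
    return cookie_header_for(jar, f"http://{SITE}/") is not None


if __name__ == "__main__":
    print("without Secure:", leaks_on_port_80(INSECURE))  # True
    print("with Secure:   ", leaks_on_port_80(SECURE))    # False
```

The Secure attribute only stops the cookie from being sent; the plain-HTTP request itself still reaches whoever answers on port 80, which is the part HSTS (a Strict-Transport-Security header on the https responses) addresses.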