[tahoe-dev] web "control panel", static server selection UI
Chris Palmer
chris at noncombatant.org
Mon Jan 24 19:43:29 UTC 2011
To avoid the $SECRET-in-URL leaking problem, put $SECRET in a hidden form
field that is sent to the server in POST requests to update the
configuration, rather than in a leakable URL. (Secrets don't belong in
names, no matter how much you want them to.)

Then you'd have a solution identical to the standard CSRF solution for
non-cap web apps. It is proven to work well.

Of course, making $SECRET short-lived is still a good idea.
--
http://noncombatant.org/
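As an added illustration, not code from this thread or from Tahoe-LAFS, here is a minimal Python version of the check Chris describes: $SECRET is minted per session, accepted only from a hidden field in a POST body (never from the URL), compared in constant time, and expires. The function names `issue_token`, `render_form`, `check_update` and the in-memory `_tokens` store are assumptions for the example.

```python
import hmac
import secrets
import time
from html import escape
from urllib.parse import parse_qs

TOKEN_TTL = 600  # seconds; keep $SECRET short-lived, as the post recommends

# Constructed in-memory store for the example: session_id -> (token, issued_at)
_tokens = {}


def issue_token(session_id, now=None):
    """Mint a fresh $SECRET for a session and record when it was issued."""
    token = secrets.token_urlsafe(32)
    _tokens[session_id] = (token, time.time() if now is None else now)
    return token


def render_form(token):
    """The secret rides in a hidden field of a POST form; the action URL
    carries nothing secret, so Referer headers, logs and history can't leak it."""
    return ('<form method="POST" action="/config">'
            f'<input type="hidden" name="csrf_token" value="{escape(token)}">'
            '<input type="text" name="servers">'
            '<button type="submit">Update</button></form>')


def check_update(session_id, method, body, now=None):
    """Accept a configuration update only if it is a POST whose body carries
    the session's current, unexpired token. The query string is deliberately
    never consulted, so a token that ends up in a URL is useless to anyone."""
    now = time.time() if now is None else now
    if method != "POST":
        return False                      # state changes go through POST only
    entry = _tokens.get(session_id)
    if entry is None:
        return False                      # no token was ever issued
    token, issued = entry
    if now - issued > TOKEN_TTL:
        del _tokens[session_id]           # expired: force a fresh form load
        return False
    submitted = parse_qs(body).get("csrf_token", [""])[0]
    # Constant-time comparison so a mismatch leaks nothing about the token.
    return hmac.compare_digest(submitted, token)
```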