Better Know a Vulnerability: Cross Site Request Forgery (CSRF)

One of the easier-to-understand vulnerabilities is CSRF. It’s also one of the most common issues we see in plugins and themes, because people rarely think about it. Imagine that I have a form that takes input, like so: Now, that’s a simple form (and missing a submit button to boot), but you […]

Comment Form Autocomplete Snippet

Google came out with an experimental specification for websites to provide “hints” on forms, to allow things like autocomplete to work better and be more standardized. Seems useful. Here’s a quick plugin snippet you can use to make your comments form use this specification. Only Chrome 15 and up is using this at the moment, […]