Is there a reason to put tokens on a search form? | ansaurus

tags:

views:

27

answers:

1

Q:

Is there a reason to put tokens on a search form?

Let me first tell that I understand the concept of CSRF attacks. Now I wonder, are there benefits to placing tokens on a search form? I can't really think of anything myself.

+1 A:

The only benefit I can think of is potentially preventing denial of service attacks if your searches were extremely computationally expensive and required authentication.

amdfan 2009-12-04 07:14:52

I had the same though. E.g., if someone places an img an a popular site, then I would get massive amounts of expensive searhces

rFactor 2009-12-04 09:08:27

related questions

Best way to search data stored as XML in Sql Server?

What are the alternative's to using the iThenticate service for content comparison?

Search by hash?

Free text search integrated with code coverage

How-to: Ranking Search Results

Find item in WPF ComboBox

Find in Files: Search all code in Team Foundation Server

Searching for phone numbers in mysql

How do I implement Search Functionality in a website?

Can you perform an AND search of keywords using FREETEXT() on SQL Server 2005?

How do I search content, within audio files/streams?

Search Plugin for Safari

Search strategies in ORMs

Using Lucene to search for email addresses

SQL Server Full Text Searching

How do you do a case insensitive search using a pattern modifier using less ?

WildcardQuery error in Solr

PowerShell FINDSTR eqivalent?

Parsing search queries in Java

Need Pattern for dynamic search of multiple sql tables

grep a file, but show several surrounding lines?

Eclipse : Class file name must end with .class exception in Java Search

MOSS SSP problem - Failed database logons from deleted SSP

Incomplete results with Turkish characters in Indexing Service

Lucene Score results