The Cross-site Request Forgery FAQ has been released to address some of the common questions and misconceptions regarding this commonly misunderstood web flaw. URL: The Cross-site Request Forgery FAQ http://www.cgisecurity.com/articles/csrf-faq.shtml Regards, - Robert admin_@_cgisecurity_com http://www.cgisecurity.com/ http://www.qasec.com/ http://www.webappsec.org/