Foswiki General Assembly will be held on 28th November 2019, 1200 UTC on Freenode IRC channel #foswiki-association. See AgendaTenthGeneralAssembly

Item1568: Synchronise form submits with sessions to enhance further security against CSRF

Priority: Enhancement
Current State: Closed
Released In: 1.0.6
Target Release: patch
Applies To: Engine
Reported By: CrawfordCurrie
Waiting For:
Last Change By: KennethLavrsen
At the moment you can't be sure where a form submit comes from. There should be some way of validating it.

-- CrawfordCurrie - 04 May 2009

I consider this fixed. now

Waiting for release.

-- KennethLavrsen - 17 Jun 2009

No; the text of the message is still not quite right. It is very important and muct be spot on.

-- CrawfordCurrie - 18 Jun 2009

OK, now I'm happier.

-- CrawfordCurrie - 18 Jun 2009

Updating language files.

-- KennethLavrsen - 18 Jun 2009

Changed to Enhancement - which it actually is.

-- KennethLavrsen - 19 Jun 2009
Topic revision: r53 - 22 Jun 2009, KennethLavrsen - This page was cached on 12 Nov 2019 - 03:45.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy