Foswiki on GitHub is open for business! Next release meeting: Monday Dec. 1, 1300Z

Item1568: Synchronise form submits with sessions to enhance further security against CSRF

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Enhancement Closed Engine    
At the moment you can't be sure where a form submit comes from. There should be some way of validating it.

-- CrawfordCurrie - 04 May 2009

I consider this fixed. now

Waiting for release.

-- KennethLavrsen - 17 Jun 2009

No; the text of the message is still not quite right. It is very important and muct be spot on.

-- CrawfordCurrie - 18 Jun 2009

OK, now I'm happier.

-- CrawfordCurrie - 18 Jun 2009

Updating language files.

-- KennethLavrsen - 18 Jun 2009

Changed to Enhancement - which it actually is.

-- KennethLavrsen - 19 Jun 2009
Topic revision: r53 - 22 Jun 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License