NOTE: If you are a developer, please use a private wiki based on foswiki/trunk on a daily base ...or use trunk.foswiki.org to view this page for some minimal testing.
Use Item9693 for docu changes for 1.2 and 2.0.
You are here: Foswiki>Tasks Web>Item1568 (22 Jun 2009, KennethLavrsen) Edit this topic text (e) Attach an image or document to this topic; manage existing attachments (a) View sequential topic history View without formatting (v) Create new topic Printable version of this topic (p) More: delete or rename this topic; set parent topic; view and compare revisions (m)

Item1568: Synchronise form submits with sessions to enhance further security against CSRF

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Enhancement Closed Engine    
At the moment you can't be sure where a form submit comes from. There should be some way of validating it.

-- CrawfordCurrie - 04 May 2009

I consider this fixed. now

Waiting for release.

-- KennethLavrsen - 17 Jun 2009

No; the text of the message is still not quite right. It is very important and muct be spot on.

-- CrawfordCurrie - 18 Jun 2009

OK, now I'm happier.

-- CrawfordCurrie - 18 Jun 2009

Updating language files.

-- KennethLavrsen - 18 Jun 2009

Changed to Enhancement - which it actually is.

-- KennethLavrsen - 19 Jun 2009

ItemTemplate edit

Summary Synchronise form submits with sessions to enhance further security against CSRF
ReportedBy CrawfordCurrie
Codebase 1.0.5
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Component
Priority Enhancement
CurrentState Closed
WaitingFor
Checkins Foswikirev:3811 Foswikirev:3814 Foswikirev:3817 Foswikirev:3820 Foswikirev:3821 Foswikirev:3822 Foswikirev:3823 Foswikirev:3825 Foswikirev:3827 Foswikirev:3828 Foswikirev:3859 Foswikirev:3883 Foswikirev:3884 Foswikirev:3885 Foswikirev:3918 Foswikirev:3924 Foswikirev:3925 Foswikirev:3926 Foswikirev:3927 Foswikirev:3928 Foswikirev:3929 Foswikirev:3930 Foswikirev:3941 Foswikirev:3953 Foswikirev:3962 Foswikirev:3976 Foswikirev:3980 Foswikirev:3981 Foswikirev:3982 Foswikirev:3983 Foswikirev:4034 Foswikirev:4035 Foswikirev:4036 Foswikirev:4037 Foswikirev:4177 Foswikirev:4178 Foswikirev:4190 Foswikirev:4191 Foswikirev:4192 Foswikirev:4196 Foswikirev:4197 Foswikirev:4201 Foswikirev:4202 Foswikirev:4205
TargetRelease patch
ReleasedIn 1.0.6
Edit | Attach | Print version | History: r53 < r52 < r51 < r50 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r53 - 22 Jun 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads