Opened 12 years ago
Last modified 12 years ago
#509 testing security (fixed)
Add tokens to forms to block possible CSRF attack
| Reported by: | mortonda@… | Owned by: | mortonda@… |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.0.3 |
| Component: | General | Version: | 1.0.2 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
All forms need to have a token sent along to verify that the post originated with our own forms and not somewhere else.
Change History (3)
comment:1 Changed 12 years ago by mortonda@…
- Summary changed from Add tokens to forms to clock possible CSRF attack to Add tokens to forms to block possible CSRF attack
comment:2 Changed 12 years ago by mortonda@…
- Status changed from new to accepted
comment:3 Changed 12 years ago by mortonda@…
- Resolution set to fixed
- Status changed from accepted to testing
Note: See
TracTickets for help on using
tickets.
[1324] and [1327] implement this