Opened 12 years ago

Last modified 12 years ago

#509 testing security (fixed)

Add tokens to forms to block possible CSRF attack

Reported by: mortonda@… Owned by: mortonda@…
Priority: normal Milestone: 1.0.3
Component: General Version: 1.0.2
Severity: normal Keywords:
Cc:

Description

All forms need to have a token sent along to verify that the post originated with our own forms and not somewhere else.

Change History (3)

comment:1 Changed 12 years ago by mortonda@…

  • Summary changed from Add tokens to forms to clock possible CSRF attack to Add tokens to forms to block possible CSRF attack

comment:2 Changed 12 years ago by mortonda@…

  • Status changed from new to accepted

[1324] and [1327] implement this

comment:3 Changed 12 years ago by mortonda@…

  • Resolution set to fixed
  • Status changed from accepted to testing
Note: See TracTickets for help on using tickets.