sling-dev mailing list archives

From "Julian Reschke (Jira)" <j...@apache.org>
Subject [jira] [Commented] (SLING-9043) COPY should be in the referer filter's default list of protected HTTP methods
Date Tue, 04 Feb 2020 11:36:00 GMT

    [ https://issues.apache.org/jira/browse/SLING-9043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17029778#comment-17029778 ]

Julian Reschke commented on SLING-9043:
---------------------------------------

At this point I don't understand what the actual attack is.

If the browser sends Referer, COPY will continue to work, right?

So what is the scenario in which blocking COPY requests without referer actually helps?

> COPY should be in the referer filter's default list of protected HTTP methods
> -----------------------------------------------------------------------------
>
>                 Key: SLING-9043
>                 URL: https://issues.apache.org/jira/browse/SLING-9043
>             Project: Sling
>          Issue Type: Bug
>          Components: Resource Access Security
>            Reporter: Sonal Gupta
>            Priority: Major
>              Labels: vulnerability
>
> The COPY method, by default, is not in the list of methods covered by the CSRF Referer
> filter. This might allow an attacker to copy files (abusing the privileges of a logged in
> victim) using CSRF.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
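To make the issue's point concrete, here is a constructed model of a referer filter's check, added as an example (it is not Sling's ReferrerFilter code). The default method list, the allowed host and the empty-Referer policy are assumptions; the point it shows is that a method missing from the protected list is never checked at all, so the Referer value is irrelevant for it.

```python
from urllib.parse import urlsplit

# Constructed values (assumptions, not Sling's real configuration).
ALLOWED_HOSTS = {"sling.example"}
DEFAULT_METHODS = {"POST", "PUT", "DELETE"}   # assumed default list, without COPY
HARDENED_METHODS = DEFAULT_METHODS | {"COPY"} # the change the issue asks for


def referer_allowed(method, headers, protected_methods, allow_empty=False):
    """Return True if the request passes the referer check.

    Methods outside `protected_methods` are not inspected, so whether COPY is
    in that set decides whether a cross-site COPY is rejected or waved through.
    """
    if method.upper() not in protected_methods:
        return True
    referer = headers.get("Referer")          # header lookup is case-sensitive here
    if not referer:
        return allow_empty                    # policy for requests without Referer
    return urlsplit(referer).hostname in ALLOWED_HOSTS


# Constructed sample requests: a cross-site COPY, a same-origin COPY and a
# COPY with no Referer header at all.
SAMPLE_REQUESTS = [
    ("cross-site COPY", "COPY", {"Referer": "https://attacker.example/page"}),
    ("same-origin COPY", "COPY", {"Referer": "https://sling.example/edit"}),
    ("COPY without Referer", "COPY", {}),
]


def evaluate(protected_methods):
    """Map each sample request label to the filter's decision for that method list."""
    return {label: referer_allowed(m, h, protected_methods)
            for label, m, h in SAMPLE_REQUESTS}


if __name__ == "__main__":
    for name, methods in (("default", DEFAULT_METHODS), ("hardened", HARDENED_METHODS)):
        print(name, evaluate(methods))
```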
