syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SYNCOPE-1068) Console: CSRF protection
Date Thu, 20 Apr 2017 13:28:04 GMT

    [ https://issues.apache.org/jira/browse/SYNCOPE-1068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15976677#comment-15976677
] 

ASF subversion and git services commented on SYNCOPE-1068:
----------------------------------------------------------

Commit 822ad873cb7139ae81f76d4b685273851b7e79dc in syncope's branch refs/heads/master from
[~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=822ad87 ]

[SYNCOPE-1068] Using Wicket's CsrfPreventionRequestCycleListener, controlled via console.properties
and enabled by default


> Console: CSRF protection
> ------------------------
>
>                 Key: SYNCOPE-1068
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1068
>             Project: Syncope
>          Issue Type: Improvement
>          Components: console
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 2.0.4, 2.1.0
>
>
> We can easily leverage the [CSRF protection feature provided by Wicket|https://ci.apache.org/projects/wicket/guide/7.x/single.html#_csrf_protection]
to implement that in the Admin Console.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message