wicket-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From shayy <sha...@gmail.com>
Subject Re: Implementing a SecureForm to avoid CSRF attacks
Date Wed, 11 Jun 2014 12:19:17 GMT
Hmm, not sure about that. Do you mean that onEvent() will both re-generate
the token on the SecureForm class as well as replace the value on the HTML?
Security wise, is there a reason to do that?

View this message in context: http://apache-wicket.1842946.n4.nabble.com/Implementing-a-SecureForm-to-avoid-CSRF-attacks-tp4666175p4666201.html
Sent from the Users forum mailing list archive at Nabble.com.

To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org

View raw message