Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-25902

CSRF Token

    XMLWordPrintable

    Details

    • Type: Epic
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10.10
    • Component/s: Web Common

      Description

      In order to have a second layer of CSRF protection (beyond the existing one based one the Origin header, see NXP-24331), we want to allow the use of CSRF tokens. It would be optional and enabled by a configuration property.

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXP-24331 CSRF Protection for Platform

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Assignee:
                fguillaume Florent Guillaume
                Reporter:
                fguillaume Florent Guillaume
                Participants:
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: