Re: Cross-Site Request Forgery

2017-12-15 Thread Chuck Hill
, December 15, 2017 at 11:56 AM To: WebObjects-Dev Subject: Cross-Site Request Forgery Hello, Just wondering if anyone has ever had to harden their WebObjects applications against CSRF: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet Is there a way to have

Cross-Site Request Forgery

2017-12-15 Thread Leigh Kivenko
Hello, Just wondering if anyone has ever had to harden their WebObjects applications against CSRF: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet Is there a way to have WebObjects do this automatically or do we need to implement this on our own? Thanks

Re: Webobjects vulnerability to cross-site request forgery?

2012-01-26 Thread Giles Palmer
Hi Dov / Daniele Thanks for this. I was not actually talking about "cross site scripting" but "cross-site request forgery" according to the link http://en.wikipedia.org/wiki/Cross-site_request_forgery I think, as Daniele suggests, that the way that component urls are con

Re: Webobjects vulnerability to cross-site request forgery?

2012-01-26 Thread Daniele Corti
T DoubleClick 2012/1/26 Giles Palmer > Hi All > > We have an application that lives behind a login and all requests are > session based component requests. We have been asked by a user about our > vulnerability to Cross-site request forgery. > > http://en.wikipedia.org/w

Webobjects vulnerability to cross-site request forgery?

2012-01-26 Thread Giles Palmer
Hi All We have an application that lives behind a login and all requests are session based component requests. We have been asked by a user about our vulnerability to Cross-site request forgery. http://en.wikipedia.org/wiki/Cross-site_request_forgery and https://www.owasp.org/index.php/Cross