• Dave Cridland's avatar
    OF-777 CVE-2015-6973 CSRF protection (partial) · 3a6976f0
    Dave Cridland authored
    Extending the previous commit, this adds CSRF to a number of high-value target
    pages, including user password changing, dleetion, lockout, etc, and also for
    the login page (to avoid a class of attack we probably don't care about).
    
    The CSRF mechanism requires manual addition to each form, but has been
    design reviewed by Simon Waters (Surevine Ltd).
    3a6976f0
Name
Last commit
Last update
..
bin Loading commit data...
conf Loading commit data...
database Loading commit data...
i18n Loading commit data...
java Loading commit data...
javadoc/jdk15 Loading commit data...
plugins Loading commit data...
resources Loading commit data...
security Loading commit data...
spank Loading commit data...
test Loading commit data...
tools/anttask/org/jivesoftware/ant Loading commit data...
web Loading commit data...