-
Dave Cridland authored
Extending the previous commit, this adds CSRF to a number of high-value target pages, including user password changing, dleetion, lockout, etc, and also for the login page (to avoid a class of attack we probably don't care about). The CSRF mechanism requires manual addition to each form, but has been design reviewed by Simon Waters (Surevine Ltd).
3a6976f0
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
org | ||
overview.html |