Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-2383

Implement CSRF Protection for HTTP Interface

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Critical Critical
    • None
    • None
    • Domain Management, Security
    • None

      For the HTTP interface we need some form of cross site request forgery protection to cover scenarios where an administrator has already authenticated against AS so the web browser has cached credentials - we need to prevent malicious requests from the same web browser.

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: