[jira] [Commented] (SYNCOPE-1068) Console: CSRF protection

ASF subversion and git services (JIRA) Thu, 20 Apr 2017 06:28:36 -0700

    [ 
https://issues.apache.org/jira/browse/SYNCOPE-1068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15976677#comment-15976677
 ]


ASF subversion and git services commented on SYNCOPE-1068:
----------------------------------------------------------

Commit 822ad873cb7139ae81f76d4b685273851b7e79dc in syncope's branch 
refs/heads/master from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=822ad87 ]

[SYNCOPE-1068] Using Wicket's CsrfPreventionRequestCycleListener, controlled 
via console.properties and enabled by default


> Console: CSRF protection
> ------------------------
>
>                 Key: SYNCOPE-1068
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1068
>             Project: Syncope
>          Issue Type: Improvement
>          Components: console
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 2.0.4, 2.1.0
>
>
> We can easily leverage the [CSRF protection feature provided by 
> Wicket|https://ci.apache.org/projects/wicket/guide/7.x/single.html#_csrf_protection]
>  to implement that in the Admin Console.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (SYNCOPE-1068) Console: CSRF protection

Reply via email to