Bug#1022770: ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.

Abraham Raji Tue, 25 Oct 2022 07:51:15 -0700

package: wnpp
Severity: wishlist
Owner: Abraham Raji <abra...@debian.org>


*Package Name      : ruby-omniauth-rails-csrf-protection
 Version           : 1.0.1
 Upstream Author   : Cookpad Inc.

*URL : https://github.com/cookpad/omniauth-rails_csrf_protection

*License           : Expat
 Programming Lang  : Ruby

*Description : A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.

This gem provides a mitigation against [CVE-2015-9284] (Cross-Site Request Forgery on the request phase when using OmniAuth gem with a Ruby on Rails application) by implementing a CSRF token verifier that directly uses ActionController::RequestForgeryProtection code from Rails.


.

This gem is required for the gitlab 15.4.0 update.

- Abraham

OpenPGP_0xF67DA33EE71DFDA9.asc
Description: OpenPGP public key

OpenPGP_signature
Description: OpenPGP digital signature

Bug#1022770: ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.

Reply via email to