[
https://issues.apache.org/jira/browse/SLING-9043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030359#comment-17030359
]
Sonal Gupta commented on SLING-9043:
------------------------------------
[~reschke] The attack is that if the COPY request is coming from a different
host (the referrer is not the same host), it should be blocked. Presently the COPY
method is not in the default list of methods, hence requests coming from a
different host are also getting passed through. We need to block these requests
with invalid referrers.
> COPY should be in the referer filter's default list of protected HTTP methods
> -----------------------------------------------------------------------------
>
> Key: SLING-9043
> URL: https://issues.apache.org/jira/browse/SLING-9043
> Project: Sling
> Issue Type: Bug
> Components: Resource Access Security
> Reporter: Sonal Gupta
> Priority: Major
> Labels: vulnerability
>
> The COPY method, by default, is not in the list of methods covered by the
> CSRF Referer filter. This might allow an attacker to copy files (abusing the
> privileges of a logged-in victim) using CSRF.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
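The following Python model is an added example written for this page; it is not Sling's referrer filter and not code from the ticket. It shows the mechanism the comment describes: a filter that checks the Referer header only for methods in a configured list, so a method missing from that list (COPY here) is passed through regardless of where the request came from, and adding it to the list closes the gap. The two default method sets, the Request class and the sample requests are assumptions constructed for the illustration, not the filter's real configuration.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Hypothetical default lists, used only to illustrate the gap described in the
# ticket; they are not the real filter's configuration.
DEFAULT_METHODS_WITHOUT_COPY = frozenset({"POST", "PUT", "DELETE"})
DEFAULT_METHODS_WITH_COPY = DEFAULT_METHODS_WITHOUT_COPY | {"COPY", "MOVE"}


@dataclass
class Request:
    """Minimal stand-in for an incoming HTTP request (constructed for the example)."""
    method: str
    host: str                        # value of the Host header, may include a port
    headers: dict = field(default_factory=dict)

    def header(self, name):
        # Header names are case-insensitive.
        for key, value in self.headers.items():
            if key.lower() == name.lower():
                return value
        return None


def host_header_name(host):
    """Lowercased hostname from a Host header value ("cms.example.org:443"), or None."""
    try:
        return (urlsplit("//" + host).hostname or "").lower() or None
    except ValueError:
        return None


class ReferrerFilter:
    """Accept a protected-method request only if its Referer names the request host."""

    def __init__(self, protected_methods, allow_empty=False):
        self.protected_methods = {m.upper() for m in protected_methods}
        self.allow_empty = allow_empty   # whether a missing Referer is tolerated

    def allow(self, request):
        if request.method.upper() not in self.protected_methods:
            return True                  # unprotected method: Referer is never examined
        referer = request.header("Referer")
        if not referer:
            return self.allow_empty
        try:
            parts = urlsplit(referer)
        except ValueError:
            return False                 # unparseable Referer (e.g. broken IPv6 literal)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return False
        # Exact hostname match: "cms.example.org.attacker.example" does not match.
        return parts.hostname.lower() == host_header_name(request.host)


# Constructed sample traffic against a hypothetical host "cms.example.org".
SAMPLE_REQUESTS = {
    "copy_from_attacker": Request("COPY", "cms.example.org",
                                  {"Referer": "https://attacker.example/lure.html",
                                   "Destination": "/content/site/copy"}),
    "copy_same_host": Request("COPY", "cms.example.org:443",
                              {"Referer": "https://cms.example.org/editor"}),
    "copy_no_referer": Request("COPY", "cms.example.org", {}),
    "post_from_attacker": Request("POST", "cms.example.org",
                                  {"Referer": "https://attacker.example/"}),
}


def evaluate(filter_):
    """Run every sample request through the filter; True means it was let through."""
    return {name: filter_.allow(req) for name, req in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for label, methods in (("without COPY", DEFAULT_METHODS_WITHOUT_COPY),
                           ("with COPY", DEFAULT_METHODS_WITH_COPY)):
        print(label, evaluate(ReferrerFilter(methods)))
```

With the first list the cross-site COPY is accepted because the filter never looks at its Referer; with COPY added it is rejected while the same-host COPY still passes. The hostname comparison is deliberately exact, so lookalike referrers such as `https://cms.example.org.attacker.example/` or `https://cms.example.org@attacker.example/` do not match.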