[jira] [Commented] (SYNCOPE-1068) Console: CSRF protection

ASF subversion and git services (JIRA) Thu, 20 Apr 2017 06:27:21 -0700

    [ 
https://issues.apache.org/jira/browse/SYNCOPE-1068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15976676#comment-15976676
 ]


ASF subversion and git services commented on SYNCOPE-1068:
----------------------------------------------------------

Commit 38810180276e55965547b0e9a78fa0efe8515902 in syncope's branch 
refs/heads/2_0_X from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=3881018 ]

[SYNCOPE-1068] Using Wicket's CsrfPreventionRequestCycleListener, controlled 
via console.properties and enabled by default


> Console: CSRF protection
> ------------------------
>
>                 Key: SYNCOPE-1068
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1068
>             Project: Syncope
>          Issue Type: Improvement
>          Components: console
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 2.0.4, 2.1.0
>
>
> We can easily leverage the [CSRF protection feature provided by 
> Wicket|https://ci.apache.org/projects/wicket/guide/7.x/single.html#_csrf_protection]
>  to implement that in the Admin Console.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (SYNCOPE-1068) Console: CSRF protection

Reply via email to