[
https://issues.apache.org/jira/browse/COUCHDB-2775?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14962129#comment-14962129
]
ASF subversion and git services commented on COUCHDB-2775:
----------------------------------------------------------
Commit 2ec52eb3d8e187f5e9dfcaf8ab0dff55e40cd647 in couchdb-couch-mrview's
branch refs/heads/master from [~mayyas]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch-mrview.git;h=2ec52eb ]
Check POST requests for valid json header
validate that all POST requests with json body must have also have valid
json header: {"Content-Type": "application/json"}
This ensures a basic protection against CSRF
This closes #25
JIRA: COUCHDB-2775
Signed-off-by: Alexander Shorin <[email protected]>
> POST Valid json header
> ----------------------
>
> Key: COUCHDB-2775
> URL: https://issues.apache.org/jira/browse/COUCHDB-2775
> Project: CouchDB
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: Database Core
> Reporter: Mayya Sharipova
> Priority: Minor
>
> validate that all POST requests with json body must have also have valid json
> header:
> {"Content-Type": "application/json"}
> This ensures a basic protection against CSRF.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
