[
https://issues.apache.org/jira/browse/OFBIZ-11425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11425:
------------------------------------
Description:
Hi All,
This "test" Jira is to ask for your help to review and test the work done in
OFBIZ-11306. We have done all we possibly can, and now help is welcome. If you are
experienced with penetration tools, please use them.
You can find the branch to use in
https://github.com/JacquesLeRoux/ofbiz-framework/tree/POC-for-CSRF-Token-OFBIZ-11306
https://github.com/JacquesLeRoux/ofbiz-plugins/tree/POC-for-CSRF-Token-OFBIZ-11306.
It's ready to merge in OFBiz trunk but we will not create a PR before being
reassured that we (James and I) did not miss any issues, like links without
"csrf" token, or regressions introduced by the effort.
TIA
was:
Hi All,
This "test" Jira is to ask for your help to review and test the work done in
OFBIZ-11306. We have done all we possibly can, and now help is welcome. If you are
experienced with penetration tools, please use them.
You can find the branch to use in
https://github.com/JacquesLeRoux/ofbiz-framework/tree/POC-for-CSRF-Token-OFBIZ-11306.
It's ready to merge in OFBiz trunk but we will not create a PR before being
reassured that we (James and I) did not miss any issues, like links without
"csrf" token, or regressions introduced by the effort.
TIA
> Test "POC for CSRF Token"
> -------------------------
>
> Key: OFBIZ-11425
> URL: https://issues.apache.org/jira/browse/OFBIZ-11425
> Project: OFBiz
> Issue Type: Test
> Components: ALL APPLICATIONS
> Affects Versions: Release Branch 18.12, Release Branch 17.12, Trunk
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major