Hi,
Actually, there are 3. With the current configuration, 2 of those methods will
never be called. You need to explicitly allow or suppress certain actions.
Given the nature of the three methods, I think they all need a different
style:
For 'allow', I suggest to change the message of 'allow'
The false positives occur much more often.
Martijn
On Tue, Sep 20, 2016 at 10:11 PM, Martin Grigorov wrote:
> Hi,
>
> There are two log.info() calls starting with "Possible CSRF attack..." which
> IMO should be with level WARN.
> Or the chance of false positives is bigger ?
>
>
> Martin Grigoro
Hi,
There are two log.info() calls starting with "Possible CSRF attack..."
which IMO should be with level WARN.
Or the chance of false positives is bigger ?
Martin Grigorov
Wicket Training and Consulting
https://twitter.com/mtgrigorov
On Tue, Sep 20, 2016 at 10:08 PM, wrote:
> Repository: wic