-
**XSRF** issue exists @ **root/register.jsp** in branch **develop**
*Method = at line 7 of root\register.jsp gets a parameter from a user request from ""password1"". This parame…
-
**XSRF** issue exists @ **root/password.jsp** in branch **develop**
*Method = at line 10 of root\password.jsp gets a parameter from a user request from ""password1"". This param…
-
Currently the user could be forced to log out with a request to the logout URL. We need to add XSRF protection against this.
-
```
What steps will reproduce the problem?
1. Bind security cookie to JSESSIONID:
bindConstant().annotatedWith(SecurityCookie.class).to("JSESSIONID");
2. Launch application on glassfish.
…
-
**Describe the bug**
On pathoplexus.org all west nile unaligned sequences are not loading in the preview or respective details pages
https://files.slack.com/files-pri/T05FDTF8TN0-F07S2QGQ55X/image.p…
-
It fails on sonarqube. Token is fine. Why?
I've tried even with admin user token.
```
INFO: Waiting for the analysis report to be processed (max 300s)
INFO: --------------------------------------…
sknmi updated
2 months ago
-
### Description
At https://amp.dev/documentation/components/amp-form/?format=email#protecting-against-xsrf, it says:
> Only use POST for state changing requests.
It is not clear if this means "…
-
Hey, helpful library but thought I should point out the following (apologies if I've missed some mitigation you've added).
By allowing a cookie to be used as the authentication mechanism, you are ope…
-
I'm keep getting this error do you guys know why?
Visualization Unsuccessful, error: {"message":"Request failed with status code 405","name":"AxiosError","stack":"AxiosError: Request failed with st…
-
`servant-auth-server` by default expects that the [browser] client will add an `X-XSRF-TOKEN` header with the contents of the `XSRF-TOKEN` cookie for authenticated requests. I have a PR servant-auth t…
3noch updated
6 years ago