-
Currently the user could be forced to log out with a request to the logout URL. We need to add XSRF protection against this.
-
With tornado 6.3 the xsfr_cookies will be depreciated. Let's keep an eye on:
- https://github.com/tornadoweb/tornado/issues/3217
- https://github.com/tornadoweb/tornado/issues/865
- https://gi…
-
### Bug description
When trying to move a torrent to a new location, the API returns the following 404 error and the save button is unresponsive.
{
"message": "Request failed with status code…
-
```
What steps will reproduce the problem?
1. Bind security cookie to JSESSIONID:
bindConstant().annotatedWith(SecurityCookie.class).to("JSESSIONID");
2. Launch application on glassfish.
…
-
**Describe the bug**
On pathoplexus.org all west nile unaligned sequences are not loading in the preview or respective details pages
https://files.slack.com/files-pri/T05FDTF8TN0-F07S2QGQ55X/image.p…
-
It fails on sonarqube. Token is fine. Why?
I've tried even with admin user token.
```
INFO: Waiting for the analysis report to be processed (max 300s)
INFO: --------------------------------------…
sknmi updated
2 months ago
-
### Description
At https://amp.dev/documentation/components/amp-form/?format=email#protecting-against-xsrf, it says:
> Only use POST for state changing requests.
It is not clear if this means "…
-
Hey, helpful library but thought I should point out the following (apologies if I've missed some mitigation you've added).
By allowing a cookie to be used as the authentication mechanism, you are ope…
-
I'm keep getting this error do you guys know why?
Visualization Unsuccessful, error: {"message":"Request failed with status code 405","name":"AxiosError","stack":"AxiosError: Request failed with st…
-
`servant-auth-server` by default expects that the [browser] client will add an `X-XSRF-TOKEN` header with the contents of the `XSRF-TOKEN` cookie for authenticated requests. I have a PR servant-auth t…
3noch updated
6 years ago