-
Currently the user could be forced to log out with a request to the logout URL. We need to add XSRF protection against this.
-
~~[]()~~
- @mehebubhasan
>
-
### Was the documentation helpful?
Yes
### What documentation page is affected
There is some error in the page => https://www.elastic.co/docs/api/doc/kibana/v8/operation/operation-importsavedobject…
-
A test failed on a tracked branch
```
[AxiosError: Request failed with status code 404] {
code: 'ERR_BAD_REQUEST',
config: {
transitional: {
silentJSONParsing: true,
forcedJSONPar…
-
```
What steps will reproduce the problem?
1. Bind security cookie to JSESSIONID:
bindConstant().annotatedWith(SecurityCookie.class).to("JSESSIONID");
2. Launch application on glassfish.
…
-
### Description
At https://amp.dev/documentation/components/amp-form/?format=email#protecting-against-xsrf, it says:
> Only use POST for state changing requests.
It is not clear if this means "…
-
It fails on sonarqube. Token is fine. Why?
I've tried even with admin user token.
```
INFO: Waiting for the analysis report to be processed (max 300s)
INFO: --------------------------------------…
sknmi updated
3 months ago
-
**Describe the bug**
On pathoplexus.org all west nile unaligned sequences are not loading in the preview or respective details pages
https://files.slack.com/files-pri/T05FDTF8TN0-F07S2QGQ55X/image.p…
-
Hey, helpful library but thought I should point out the following (apologies if I've missed some mitigation you've added).
By allowing a cookie to be used as the authentication mechanism, you are ope…
-
`servant-auth-server` by default expects that the [browser] client will add an `X-XSRF-TOKEN` header with the contents of the `XSRF-TOKEN` cookie for authenticated requests. I have a PR servant-auth t…
3noch updated
6 years ago