search

OWASP / www-project-csrfguard

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
https://owasp.org/www-project-csrfguard/
BSD 3-Clause "New" or "Revised" License
77 stars 38 forks source link

tld file location #277

Open rameshkt opened 4 weeks ago

rameshkt commented 4 weeks ago

Move csrfguard.tld from META-IN/tags to META-INF

forgedhallpass commented 4 weeks ago

Please test your changes using the bundled test application within the project and make sure the JSP Tags functionality works.

rameshkt commented 3 weeks ago

@forgedhallpass I will follow the following steps to test:-

  1. Run the test on the bundled test application "as it is" with csrfguard.tld in META-INF/tags.
  2. Observe the debug output and response in browser and development console.
  3. Move csrfguard.tld to META-INF. Remove "tags" directory.
  4. Commit locally.
  5. Run the test application with csrfguard.tld in META-INF directory.
  6. Observe the debug output and response in browser and development console.
  7. Compare the two.

Please let me know if the above steps are complete or any step is missing. Should I record the observations as screenshots or as a moview? Regards