feature request: protesct from XSRF attack

neo09 / gwt-platform

Automatically exported from code.google.com/p/gwt-platform

0 stars 0 forks source link

feature request: protesct from XSRF attack #97

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

I read from 
http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applicati
ons

by including cookie when doing request can prevent xsrf attack. any easier
way to add it directly on the framework?

Original issue reported on code.google.com by second.c...@gmail.com on 20 May 2010 at 6:27

GoogleCodeExporter commented 9 years ago

XSRF attacks are prevented automatically by the framework if your action 
inherit from 
ActionImpl (or return true to isSecured())

For more information, read:
http://code.google.com/p/gwt-platform/wiki/PortingV1#Protecting_against_XSRF_att
acks

Original comment by philippe.beaudoin on 20 May 2010 at 6:35

Changed state: Invalid
Added labels: ****
Removed labels: ****