issues
search
qld-gov-au
/
ckanext-csrf-filter
A CKAN extension to add protection against Cross-Site Request Forgery attacks
GNU Affero General Public License v3.0
0
stars
6
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
fix SameSite cookie attribute on older Werkzeug versions
#45
ThrawnCA
closed
10 months ago
0
Develop to main - don't require tokens on the logout URL
#44
ThrawnCA
closed
10 months ago
0
[QOLSVC-3914] exclude logout URL from CSRF protection
#43
ThrawnCA
closed
10 months ago
0
Clean up lint and test failures
#42
ThrawnCA
closed
1 year ago
0
Develop to master
#41
ThrawnCA
closed
1 year ago
0
[QOLSVC-3186] preserve CSRF token in API token deletion form
#40
ThrawnCA
closed
1 year ago
0
CSRF protection in CKAN core now
#39
markstuart
opened
1 year ago
1
Custom Token Check Exemption Rules
#38
JVickery-TBS
closed
1 year ago
1
Allow Response Streams
#37
JVickery-TBS
closed
1 year ago
4
SameSite Config Option for Cookie
#36
JVickery-TBS
closed
1 year ago
1
SameSite Config Option for Cookie
#35
JVickery-TBS
closed
1 year ago
6
Develop to master - fix CSRF errors on re-login
#34
ThrawnCA
closed
1 year ago
0
[QOLSVC-1241] stop login page from being cached
#33
ThrawnCA
closed
1 year ago
0
Develop to master
#32
ThrawnCA
closed
1 year ago
0
QOLSVC-978 add CKAN 2.10 support
#31
ThrawnCA
closed
1 year ago
0
Develop to master - fix import path for CKAN 2.9
#30
ThrawnCA
closed
2 years ago
0
[QOL-9385] handle CKAN 2.9 path to Repoze form plugin
#29
ThrawnCA
closed
2 years ago
0
Add SameSite attribute to token cookies
#28
ThrawnCA
closed
1 year ago
3
Develop to main
#27
ThrawnCA
closed
2 years ago
0
[QOL-8392] ensure aborts are returned
#26
ThrawnCA
closed
2 years ago
0
[DC-31541] add testing of encoding handling with real Request
#25
ThrawnCA
closed
2 years ago
0
Develop to main
#24
ThrawnCA
closed
2 years ago
1
DC-31541 Fix API calls
#23
ThrawnCA
closed
2 years ago
0
Develop to master
#22
ThrawnCA
closed
2 years ago
0
[QOL-8392] gracefully handle contexts with no response object or non-HTML response type
#21
ThrawnCA
closed
2 years ago
0
Develop to main
#20
ThrawnCA
closed
2 years ago
0
Can't revoke API Tokens in CKAN 2.9.3
#19
markstuart
closed
1 year ago
2
[QOL-8392] ensure response body is of a type we can process
#18
ThrawnCA
closed
2 years ago
0
[QOL-8251] ensure HTML is of the appropriate type before manipulating it
#17
ThrawnCA
closed
3 years ago
1
werkzeug response.data gives bytes, need str
#16
markstuart
closed
2 years ago
0
Update imports to use full path
#15
markstuart
closed
2 years ago
1
Possible issue running extension under Python 2.7
#14
markstuart
closed
2 years ago
3
Develop to main
#13
ThrawnCA
closed
3 years ago
0
[QOL-4814] drop unnecessary logging statement
#12
ThrawnCA
closed
3 years ago
0
Develop to main
#11
ThrawnCA
closed
3 years ago
0
[QOL-4814] add unit tests for Login CSRF Repoze plugin
#10
ThrawnCA
closed
3 years ago
0
QOL-4814 Login CSRF
#9
ThrawnCA
closed
3 years ago
1
Develop to main
#8
ThrawnCA
closed
3 years ago
0
[QOL-7955] ensure the Flask response is not in pass-through mode
#7
ThrawnCA
closed
3 years ago
0
QOL-7955 fix handling of pages when not logged in
#6
ThrawnCA
closed
3 years ago
0
Develop to main
#5
ThrawnCA
closed
3 years ago
0
[QOL-7955] fix README formatting and include 'pytest'
#4
ThrawnCA
closed
3 years ago
0
[QOL-7955] revert the request attribute name to 'token'
#3
ThrawnCA
closed
3 years ago
0
[QOL-7955] remove noisy debugging statements
#2
ThrawnCA
closed
3 years ago
0
QOL-7955 split csrf filtering to separate extension
#1
ThrawnCA
closed
3 years ago
1