You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by "Markus Jung (JIRA)" <ji...@apache.org> on 2011/03/31 20:42:08 UTC
[jira] [Commented] (TAP5-1474) [GSoC] add out-of-the-box protection
against cross-site request forgery (CSRF)
[ https://issues.apache.org/jira/browse/TAP5-1474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13014131#comment-13014131 ]
Markus Jung commented on TAP5-1474:
-----------------------------------
Hello,
I would like to participate in GSoC and I would like to implement that feature in Tapestry. I have implemented a protection mechanism based on a cookie based token in Grails for an industry project. It was based on filters and taglibs that hide the required actions for protection and made the mechanism transparent for the development process. I think I could contribute a useful solution here.
How is the GSoC process working at ASF? I would like to discuss a possible application with the mentor for that task.
Best regards,
Markus
> [GSoC] add out-of-the-box protection against cross-site request forgery (CSRF)
> ------------------------------------------------------------------------------
>
> Key: TAP5-1474
> URL: https://issues.apache.org/jira/browse/TAP5-1474
> Project: Tapestry 5
> Issue Type: New Feature
> Components: tapestry-core
> Affects Versions: 5.2.4
> Reporter: Ulrich Stärk
> Labels: gsoc2011
>
> There are several approaches to protect against CSRF. A student working on this task will evaluate the possible solutions, discuss with the community which to implement and implement and test the chosen approach.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira