You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@syncope.apache.org by "Andrea Patricelli (JIRA)" <ji...@apache.org> on 2017/04/07 10:16:41 UTC
[jira] [Updated] (SYNCOPE-1064) Improve security of customization
mechanism
[ https://issues.apache.org/jira/browse/SYNCOPE-1064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrea Patricelli updated SYNCOPE-1064:
---------------------------------------
Summary: Improve security of customization mechanism (was: Impropve security of customization mechanism)
> Improve security of customization mechanism
> -------------------------------------------
>
> Key: SYNCOPE-1064
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1064
> Project: Syncope
> Issue Type: Improvement
> Components: enduser
> Affects Versions: 2.0.2
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
> Fix For: 2.0.3, 2.1.0
>
>
> A smart and malicious user could "hack" angularjs frontend components and send info that is not allowed to create/edit.
> Solve this by checking info on server side against form customization JSON.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)