You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by "Martijn Dashorst (JIRA)" <ji...@apache.org> on 2015/06/07 18:09:00 UTC

[jira] [Created] (WICKET-5919) Add support for CSRF prevention

Martijn Dashorst created WICKET-5919:
----------------------------------------

             Summary: Add support for CSRF prevention
                 Key: WICKET-5919
                 URL: https://issues.apache.org/jira/browse/WICKET-5919
             Project: Wicket
          Issue Type: Bug
          Components: wicket
    Affects Versions: 6.19.0, 7.0.0-M5
            Reporter: Martijn Dashorst
            Assignee: Martijn Dashorst
             Fix For: 6.20.0, 7.0.0-M6


Implement a request cycle listener that checks the HTTP Origin header for conflicts with the request header to prevent CSRF requests from affecting Wicket components.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)