You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@continuum.apache.org by "Maria Odea Ching (JIRA)" <ji...@codehaus.org> on 2011/05/03 13:46:22 UTC

[jira] Commented: (CONTINUUM-2622) Add CSRF prevention checks for sensitive actions

    [ http://jira.codehaus.org/browse/CONTINUUM-2622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=265586#action_265586 ] 

Maria Odea Ching commented on CONTINUUM-2622:
---------------------------------------------

Additional changes committed in branch [-r1099015|http://svn.apache.org/viewvc?rev=1099015&view=rev] and merged in trunk [-r1099019|http://svn.apache.org/viewvc?rev=1099019&view=rev]:
* revert changes made in -r1092648 in csrf check for remove project group
* check only on actual delete, do not check on confirm delete -- separated remove project group and confirm remove project group into separate actions

> Add CSRF prevention checks for sensitive actions
> ------------------------------------------------
>
>                 Key: CONTINUUM-2622
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2622
>             Project: Continuum
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 1.3.7, 1.4.0 (Beta)
>            Reporter: Maria Odea Ching
>            Assignee: Maria Odea Ching
>             Fix For: 1.3.8
>
>


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira