Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within blogs Search Coderanch
Advance search Google search
Register / Login
book review grid polymorphism thread boost advertise on coderanch granny
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
advertise on coderanch thread boost book review grid building better world book meaningless drivel
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

coderanch and csrf

 
Jeanne Boyarsky
author & internet detective
Posts: 41125
848
I like...
Eclipse IDE VI Editor Java
posted 9 years ago
  • Likes 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
There was an announcement about a soon to be announced issue with CSRF in the forums last month. Turns out with stock JForum someone could have deleted the forums with a CSRF attack! (don't worry, they can't anymore.)

3 part blog post describing CSRF, how we fixed it, many of the obstacles encountered (interesting bugs and coding techniques) and links to github showing some code changes.
part 1
part 2
part 3

As I was doing this, I learned a lot of people haven't heard of CSRF. Check out the blog to learn more or ask here - in this post or in the forums.

[OCP 17 book] | [OCP 11 book] | [OCA 8 book] [OCP 8 book] [Practice tests book] [Blog] [JavaRanch FAQ] [How To Ask Questions] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2

 
Andrew Monkhouse
author and jackaroo
Posts: 12199
280
I like...
Mac IntelliJ IDE Firefox Browser Oracle C++ Java
posted 9 years ago
  • Likes 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Excellent series of posts Jeanne, and thanks for all the work you did in fixing the problem!

The Sun Certified Java Developer Exam with J2SE 5: paper version from Amazon, PDF from Apress, Online reference: Books 24x7 Personal blog

 
Jeanne Boyarsky
author & internet detective
Posts: 41125
848
I like...
Eclipse IDE VI Editor Java
posted 9 years ago
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
Part 4 - we removed the JavaScript dependency.

[OCP 17 book] | [OCP 11 book] | [OCA 8 book] [OCP 8 book] [Practice tests book] [Blog] [JavaRanch FAQ] [How To Ask Questions] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2

 
pie. tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...