coderanch and csrf

 
author & internet detective
There was an announcement about a soon-to-be-announced issue with CSRF in the forums last month. Turns out with stock JForum someone could have deleted the forums with a CSRF attack! (Don't worry, they can't anymore.)

3-part blog post describing CSRF, how we fixed it, many of the obstacles encountered (interesting bugs and coding techniques) and links to GitHub showing some code changes.
part 1
part 2
part 3

As I was doing this, I learned a lot of people haven't heard of CSRF. Check out the blog to learn more or ask here - in this post or in the forums.
 
author and jackaroo
Excellent series of posts, Jeanne, and thanks for all the work you did in fixing the problem!
 
Jeanne Boyarsky
author & internet detective
Part 4 - we removed the JavaScript dependency.
 