[WICKET-5919] Add support for CSRF prevention - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 7.0.0-M5, 6.19.0
Fix Version/s: 6.20.0, 7.0.0-M6
Component/s: wicket
Labels:
None

Description

Implement a request cycle listener that checks the HTTP Origin header for conflicts with the request header to prevent CSRF requests from affecting Wicket components.

Attachments

Activity

People

Assignee:: Martijn Dashorst

Reporter:: Martijn Dashorst

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Jun/15 16:08

Updated:: 07/Jun/15 16:09

Resolved:: 07/Jun/15 16:09