Cross site request forgery prevention?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Cross site request forgery prevention?

Robert Nicholson-3
In Stripes are there any examples or approaches where you use a token on the server side and ensure that this same token
is rendered back to the client so that it can be provided and checked on every GET/POST request?
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Cross site request forgery prevention?

Daniil Sosonkin-2

I've created something for our company and made a public version as well
- https://github.com/SirDaniil/StripesCSRF
It may work for you.

On 5/31/2017 9:33 AM, Robert Nicholson wrote:

> In Stripes are there any examples or approaches where you use a token on the server side and ensure that this same token
> is rendered back to the client so that it can be provided and checked on every GET/POST request?
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Stripes-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/stripes-users
>


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users