[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-4076) Client side state saving CSRF protection
Stuart Douglas (JIRA)
jira-events at lists.jboss.org
Fri Apr 3 01:26:22 EDT 2009
[ https://jira.jboss.org/jira/browse/JBSEAM-4076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12460412#action_12460412 ]
Stuart Douglas commented on JBSEAM-4076:
----------------------------------------
The way the patch works is if a user installs <security:render-stamp-store/> then rather than being stored in the view root, render stamps are stored in the session scoped RenderStampStore, and the key to access the render stamp is stored in the view root instead.
> Client side state saving CSRF protection
> ----------------------------------------
>
> Key: JBSEAM-4076
> URL: https://jira.jboss.org/jira/browse/JBSEAM-4076
> Project: Seam
> Issue Type: Patch
> Reporter: Stuart Douglas
> Attachments: bookingExampleUsingToken.diff, clientSideProtection.patch, tokenCdkTag.diff
>
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list