Re: [rules-dev] Guvnor XSRF attack?
So, realistically we can expect our users to notice the hick-up at some
stage with 5.2.0 (or GWT2.1+ in reality).
Should we consider an emergency game-plan should a fix not be found prior to
release? e.g. Remove XSRF protection short-term. It doesn't leave Guvnor any
more exposed than we were pre-GWT2.1). I've posted to GWT's forums but had
no response as yet.
Views anybody?
Cheers,
Mike
On 24 March 2011 14:26, Tihomir Surdilovic <tsurdilo(a)redhat.com> wrote:
On 3/23/11 4:34 PM, Michael Anstis wrote:
> Has anybody experienced this in "Web" mode?
Yes. When first reporting this I was running on JBoss AS 4.2.3.
Thanks.
_______________________________________________
rules-dev mailing list
rules-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-dev
Attachments:
- attachment.html (text/html — 1.2 KB)