gokrazy

lordwelch/gokrazy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Michael Stapelberg	c74265523b	implement XSRF/CSRF protection for /stop and /restart While stopping/restarting processes seems like a nuisance at best, it’s good style to prevent these attacks. This commit the Double-Submit Cookie protection, which seems appropriate for our architecture and demands. See also: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Double_Submit_Cookie	2018-06-25 18:38:08 +02:00
Michael Stapelberg	38af7fd18d	Initial commit	2017-03-04 11:22:48 +01:00

Author

SHA1

Message

Date

Michael Stapelberg

c74265523b

implement XSRF/CSRF protection for /stop and /restart

While stopping/restarting processes seems like a nuisance at best, it’s good
style to prevent these attacks.

This commit the Double-Submit Cookie protection, which seems appropriate for our
architecture and demands. See also:
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Double_Submit_Cookie

2018-06-25 18:38:08 +02:00

Michael Stapelberg

38af7fd18d

Initial commit

2017-03-04 11:22:48 +01:00

2 Commits