Loading...

XML

Word

Printable

Type: Improvement
Resolution: Unresolved
Priority: Neutral
Fix Version/s: None
Affects Version/s: None
Component/s: core
Labels:

Template:
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less

There is a number of configured bypasses for the CSRFTokenFilter. Within ~~MAGNOLIA-8210~~ mgeljic brought up the idea to intercept login redirects for getting rid of some of these bypasses. Within this ticket we should:

Clarify the approach envisioned by mgeljic
Implement a POC
Productise the POC if it bring enough value

Implementation note: may we can use security callbacks?

Acceptance criteria

split from

MAGNOLIA-8210 Review CSRF filter implementations and bypasses

Closed

Assignee:: Michael Duerig

Reporter:: Michael Duerig

Team:: Foundation

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 19/Nov/21 2:53 PM

Updated:: 27/Oct/22 5:14 PM

Date of First Response:: 07/Dec/21 4:59 PM

Task DoD

Details

Description

Checklists

Attachments

Issue Links

Activity

People

Dates

Checklists