Data dodania Pytanie
2017-01-04 17:01 Rails Brakeman SQL injection warning while accessing an oracle view/function »
I have rails code that is consuming an oracle view/function. This is my code: def run_query connection.exec_query( "SELECT * FROM TABLE(FN...
(1) odpowiedzi
2016-12-07 00:12 jCaptcha java API security issue »
We are using jCaptcha (Altassian) java API in our project. Refer the implementation: https://jcaptcha.atlassian.net/wiki/display/general/5+minutes+app...
(0) odpowiedzi
2016-12-01 12:12 OWASP ZAP: send CSRF to scan restricted sites »
I'm trying to auto login to a web page (which i wan't to crawl and scan) via Form-based authentication (ZAP/Session Management/Context). Unfortunately...
(0) odpowiedzi
2016-11-25 09:11 OWASP HTML Sanitizer cleans comments »
I have application where customer can store following html lines in order to load different styles for actual browser: <!--[if IE 6]><link r...
(0) odpowiedzi
2016-10-03 17:10 csrfguard token not added for jquery plugin call »
we are using CSRFGuard 3.1.0 in our web project. We have added the all the configurations - references in web.xml , javascriptservlet in html page , ...
(0) odpowiedzi
2016-09-14 21:09 CSRFGuard landing page not displaying »
I am trying to get CSRFGuard from the OWSAP github to work, but when I place the following code in the web.xml file, my app fails to load the default ...
(0) odpowiedzi
2016-09-07 22:09 CSRFGuard : CSRF Token becomes invalid once Session timeouts on Login page »
How to handle CSRF Token becomes invalid once Session timeouts on Login page when using CSRFGuard. I need to avoid page refresh to keep session alive....
(0) odpowiedzi
2016-08-23 02:08 Tool to check known vulnerabilities in php project using composer »
I am working on a php project that uses composer but some of the dependencies are very old, including the php version. We are trying to convince the c...
(1) odpowiedzi
2016-07-30 12:07 OWASP CsrfGuard throwing IllegalArgumentException and NullPointerException »
I’m trying to implement OWASP CsrfGuard in my Spring MVC based web application, I followed the instructions to OWASP site to configure it but when m...
(0) odpowiedzi
2016-06-24 22:06 Issue with CSRFGUARD: Uncaught SyntaxError: Failed to execute 'setRequestHeader' on 'XMLHttpRequest': '/** »
I am currently using CSRFGuard 3.1 on an application and everything works fine in Internet Explorer but I am getting the following error in CHROME Un...
(0) odpowiedzi
2016-06-20 18:06 How to send Owasp CSRF token with httpclient »
I do a http POST with commons httpclient in one of my jsp files. For that I need to send the CSRF token along with. I am using the OWasp CSRF guard. A...
(0) odpowiedzi
2016-04-20 12:04 Spring Security CSRF protection of REST backend - transfer Synchronizer Token Pattern to the client »
I read a lot about Spring Securitys CSRF protection, but i still struggle a little bit. Now the documentation is great as usual, but it's completely b...
(0) odpowiedzi
2016-02-03 04:02 Are there reason why web devs dont use CSRF for login pages »
I recently realized that a few production web applications I was running. Diddnt have csrf protection for the login page. It is only after authentic...
(2) odpowiedzi
2016-01-26 13:01 Why should I put a CSRF token in a JWT token? »
I want to bring a doubt about JWT tokens and CSRF from the Stormpath post that explain the advantages and disadvantages of storing the JWT either in l...
(1) odpowiedzi
2015-12-14 13:12 OWASP csrfguard not loading css on first visit »
I implemented the csrfguard in my project and everything is working fine but when I load a page it first loads the html without layout and after a ref...
(0) odpowiedzi
2015-11-30 14:11 OWASP CSRFGuard error »
Inside an application, I am trying to integrate CSRFGuard library in order to prevent CSRF attacks. Today, I am facing a problem: I can't access a pa...
(0) odpowiedzi
2015-11-17 05:11 CSRF and OWASP ZAP »
We have a Grails application and we are currently doing some OWASP ZAP security scan. There has been some Anti CSRF Tokens Scanner alerts that have co...
(1) odpowiedzi
2015-10-09 17:10 Web Security: Preventing CSRF attack »
I am following this tutorial for an application based in spring framework 3.2.4 http://springdiaries.blogspot.be/2012/12/web-security-preventing-csrf...
(0) odpowiedzi
2015-10-09 13:10 Key for session.getAttribute() is null using OWASP_CSRFTOKEN on a spring framework 3.2.4 app »
I am adding OWASP.CsrfGuard.jar to my spring 3.2.4 application to prevent CSRF attacks (CSRF is an attack which forces an end user to execute unwanted...
(0) odpowiedzi
2015-10-08 10:10 Setting Owasp.CsrfGuard.properties in a Spring framework application »
I am adding OWASP.CsrfGuard.jar to my spring 3.2.4 application to prevent CSRF attacks, but I am not sure how to config it. The entry point of my appl...
(0) odpowiedzi
2015-09-21 10:09 CSRF Guard on Grails »
I would just like to ask if there's anyone who already have used CSRFGuard on a Grails project? I tried to make it work on my Grails application but O...
(0) odpowiedzi