Data dodania Pytanie
2017-06-16 15:06 Django/AngularJS: CSFR Token Error »
I'm new to both Django and AngularJS and I've been struggling on this for hours. AngularJS Code (of my controller) to POST to Django Server: $http({...
(2) odpowiedzi
2017-06-14 15:06 Anti Cross Site Request Forgery (CSRF) token in asp.net c# »
Our team has developed an c# asp.net application and it recently went through a security check. One of the many threats include using anti CSRF token....
(0) odpowiedzi
2017-06-13 18:06 Upgraded to Spring Security 4 and now I'm unable to login »
I just upgraded to Spring Security 4.2.3.RELEASE and now I can't login. Specifically, when I login, submitting these parameters OWASP_CSRFTOKEN ZLCK...
(1) odpowiedzi
2017-06-13 08:06 CSRF Verification Failed. When Using CURL (divar) »
i'm trying to get content of divar.com by curl but error "CSRF verification failed. Request aborted." browser request Accept:application/json, text/...
(2) odpowiedzi
2017-06-11 01:06 Django SQL injection and XSS when do they take place »
Hi!! The only form of sécurity I used in django so far is {% csrf_token %} for forms.py and in the settings.py I use MIDDLEWARE_CLASSES = [ ...
(0) odpowiedzi
2017-06-09 19:06 Send X_CSRF Token from Yii application to Laravel API »
I am trying to make an API call from Yii 2 web application to an API that is developed in Laravel. Now Laravel expects an X_CSRF token whenever a POST...
(0) odpowiedzi
2017-06-09 11:06 How to define CSRF token in ajax call in Cakephp 3. Also How CSRF can be off for some ajax requests »
In Cakephp3 when the Csrf component is enabled. How I can use it in ajax call. In this beforeSend parameter of ajax csrf token is set in header. What ...
(1) odpowiedzi
2017-06-09 00:06 Asynchronously set rails authenticity token »
I have a page that is cached at the CDN level that I would like to have a form submission on. I have followed technique 3 of this post in order to as...
(1) odpowiedzi
2017-06-08 14:06 CSRF token with Apache Shiro »
I have an existing web application based on Apache Shiro for the authentication/authorization parts. I want to implement a mechanism for generating/ch...
(1) odpowiedzi
2017-06-07 21:06 How can i login Android app with (Django) CSRF? »
i make login for my application. But, i need CRSF token for login in app. First, i try send a cookie and get a csrf. But i am beginner and it doesn't ...
(1) odpowiedzi
2017-06-07 17:06 Symfony 3 Ajax Login Invalid CSRF Token »
I am trying to login with my modal and send an Ajax request for the authentication but i get always this error from the onAuthenticationFailure functi...
(0) odpowiedzi
2017-06-07 09:06 CSRF token is invalid after changing Host »
we had a Symfony2 project and for some reason we've changed the Host, after changing to a host with Plesk Panel, we are facing with The CSRF token is...
(1) odpowiedzi
2017-06-06 17:06 Template Tag not working with csrf_token »
I am attempting to create a custom template tag to display a comment. When I try submitting a reply through the form attached to each comment, I get ...
(1) odpowiedzi
2017-06-06 14:06 Codeigniter and Ckfinder csrf_exclude_uris »
I'm having an issue with Codeigniter 3 and CKfinder regards the CSRF Protection If I use the below in my Codeigniter Config file CKFinder image uploa...
(0) odpowiedzi
2017-06-06 04:06 csrf_exclude_uri in CI version 2? »
i have some problem using csrf_protection. i want to hit example.com/test/index_post from a form in mysite.com/myform using post method form but when ...
(1) odpowiedzi
2017-06-05 18:06 Rails 5 InvalidAuthenticityToken, but token is present »
I am getting ActionController::InvalidAuthenticityToken saving a simple resource.. CSRF meta tags are present: <meta name="csrf-token" content="Z...
(1) odpowiedzi
2017-06-05 13:06 @RequestBody is giving validation error in Checkmarx »
public ResponseEntity<Map<String, String>> addCompany(@RequestBody String body,...) When I am scanning above code in Checkmarx it is giv...
(0) odpowiedzi
2017-06-05 06:06 How to deal with csrf security in codeigniter »
I have a project that we should interacting within 2 different application using CI. I use post method for sending request from 1st aplication to 2nd ...
(1) odpowiedzi
2017-06-04 20:06 FreeMarker template error with csrf »
It was necessary in the project to configure authentication with Spring Security + Freemarker. I have login page <#-- @ftlvariable name="_csrf" t...
(0) odpowiedzi
2017-06-02 16:06 preventing cross-site request forgery (csrf) attacks in asp.net web forms using ViewStateUserKey & Double Submit Cookie »
i found the page preventing cross-site request forgery (csrf) attacks in asp.net web forms which has explained how to prevent CSRF attacks but while i...
(0) odpowiedzi
2017-06-02 15:06 CSRF validation with web services with android app »
I have created a web service which is fully working. However, as soon as I enable CSRF validation in config/main.php I get an error when trying to use...
(1) odpowiedzi
2017-06-02 01:06 Django post 403 from frontend app »
I can't manage to make a successful post request to my database, I keep getting post url 403 (Forbidden). I think it's because of my csrf token sinc...
(0) odpowiedzi
2017-06-01 13:06 Spring CSRF multiparfilter breaks »
I have a multipart form with a file upload which gets posted as seen below in Chrome developer tools - ------WebKitFormBoundaryUkhJ5180JIBYXzLm Conte...
(0) odpowiedzi
2017-05-31 07:05 Implementation of CSRF Tokens per Session Information »
I have been reading up on how CSRF Tokens are implemented to prevent CSRF attacks. The OWASP page (https://www.owasp.org/index.php/Cross-Site_Request_...
(1) odpowiedzi
2017-05-31 05:05 Spring CSRF token issue »
I'm testing the upload file using spring mvc 4. I have this jsp file to upload a file: <c:url var="addAction" value="/create/uploadFile" ><...
(0) odpowiedzi
2017-05-30 14:05 multipartfilter does not leave form non null for servletfileupload »
I am using Spring MVC on backend. I have multipart filter defined like below in my web.xml. <filter> <filter-name>MultipartFilter...
(0) odpowiedzi
2017-05-30 12:05 How to properly configure Browsersync to proxy backend »
I'm struggling with proper configuration of Browsercync (and maybe some middleware?). My configuration is like: local.example.com it's mine local ad...
(0) odpowiedzi
2017-05-29 20:05 CSRF token is visible in source code »
Should my Cross-site request forgery TOKEN be viewable on my web page source code I am running a rails app in production and can see Cross-site reques...
(1) odpowiedzi
2017-05-29 17:05 Antiforgery tokens are reusable »
We use ASP.NET MVC's default Antiforgery technique. Recently a security company did a scan of a form and made note that they could use the same _Reque...
(0) odpowiedzi
2017-05-29 13:05 Possibility of CSRF-related issues in cached sign up form (Django) »
I have a sign up page in a Django project which I've cached (using @cache_page(600) on the view). On the page itself, I'm testing a simple form like s...
(1) odpowiedzi
2017-05-28 22:05 Should a Laravel SPA still use a CSRF token for security? »
I ran into multiple difficulties with CSRF when building a small SPA with Laravel and Vue.js: I use index.html as the only view, the rest is handled...
(1) odpowiedzi
2017-05-27 02:05 csrf ... php form security »
I'm creating a site with a number of different access levels, from basic user thru to admin level (5 in total) manager and admin levels will have the...
(2) odpowiedzi
2017-05-26 20:05 Spring CSRF multipart not working »
Spring CSRF is not working for me for multipart forms with file upload. It works fine for other requests. My web.xml looks like this - <filter>...
(0) odpowiedzi
2017-05-25 14:05 Could not verify the provided CSRF token when call rest services from ionic application »
I have a simple website that backend implemented with spring boot and frontend implemented with angularjs (angular 1) and every thing is ok. i create...
(0) odpowiedzi
2017-05-25 00:05 Aura Session 2.x - CSRF »
I have a question if anyone had the opportunity to use Aura Session 2.x? If so, I need help ... My problem is that I have no idea what I'm supposed t...
(0) odpowiedzi