cmis-browser message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: [cmis-browser] cross-site request forgery attacks
- From: Scott Malabarba <scott.malabarba@us.ibm.com>
- To: cmis-browser@lists.oasis-open.org
- Date: Thu, 24 Feb 2011 13:31:04 -0800
Has there been any discussion about providing
for server defenses against cross-site request forgery attacks?
The only thing I could find is this
comment from Derek in an old email thread, http://lists.oasis-open.org/archives/cmis/200905/msg00036.html:
> scenarios. There are some
issues that we as a TC would need to resolve if
> we introduce a multi-part POST endpoint to support document upload/edit
> specifically around introducing mechanisms to prevent CSRF attack
vectors.
If the topic is still open, I'd like
to spend a few minutes on it in the next meeting.
Regards,
Scott
Scott Malabarba
Software Engineer
IBM Enterprise Content Management
3565 Harbor Blvd., Costa Mesa, CA 92626-1420
Phone (714) 327-5133 / Tieline 3955133
Email scott.malabarba@us.ibm.com
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]