Update: Cross-Site Request Forgery Prevention Cheat Sheet #1388

wittjoe1 · 2024-04-19T13:15:38Z

What is missing or needs to be updated?

I'm wondering about the title of the chapter "Disallowing **non-**simple requests".
In my opinion - and from the context - it should read "Disallowing simple requests", as "simple" requests lead to CSRF, which we actually want to prevent.

How should this be resolved?

Can someone please check this? Thx

jmanico · 2024-04-19T20:57:17Z

This is a good observation. Care to submit a PR for us?

wittjoe1 added ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. UPDATE_CS Issue about the update/refactoring of a existing cheat sheet. labels Apr 19, 2024

wittjoe1 mentioned this issue Apr 22, 2024

CSRF Prevention: fixing chapter's title #1389

Merged

8 tasks

mackowski assigned wittjoe1 Apr 22, 2024

mackowski added ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. and removed ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. labels Apr 22, 2024

mackowski closed this as completed May 10, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update: Cross-Site Request Forgery Prevention Cheat Sheet #1388

Update: Cross-Site Request Forgery Prevention Cheat Sheet #1388

wittjoe1 commented Apr 19, 2024

jmanico commented Apr 19, 2024

Update: Cross-Site Request Forgery Prevention Cheat Sheet #1388

Update: Cross-Site Request Forgery Prevention Cheat Sheet #1388

Comments

wittjoe1 commented Apr 19, 2024

What is missing or needs to be updated?

How should this be resolved?

jmanico commented Apr 19, 2024