Protect against CSRF attacks #135

MrKrisKrisu · 2020-10-05T16:30:26Z

Some routes carry out actions without having checked whether the user really wants to carry them out. A CSRF protection should be used. In addition, the routes from GET to POST
(or PUT, DELETE, ...) change.

Affected e.g.

GET: /settings/deltoken/{id}
GET: /settings/delsession

closes #135

MrKrisKrisu created this issue from a note in Backend (To do) Oct 5, 2020

MrKrisKrisu removed this from To do in Backend Oct 5, 2020

MrKrisKrisu added this to To do in Frontend via automation Oct 5, 2020

MrKrisKrisu added bug Something isn't working To Do labels Oct 5, 2020

MrKrisKrisu added a commit that referenced this issue Feb 14, 2021

Added CSRF Protection to routes

c6ea1e2

closes #135

MrKrisKrisu mentioned this issue Feb 14, 2021

🚑 Added CSRF Protection to routes #214

Merged

HerrLevin closed this as completed in #214 Feb 15, 2021

Frontend automation moved this from To do to Done Feb 15, 2021

HerrLevin pushed a commit that referenced this issue Feb 15, 2021

Added CSRF Protection to routes (#214)

1a68505

closes #135

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Protect against CSRF attacks #135

Protect against CSRF attacks #135

MrKrisKrisu commented Oct 5, 2020

Protect against CSRF attacks #135

Protect against CSRF attacks #135

Comments

MrKrisKrisu commented Oct 5, 2020