session and csrf... #209
session and csrf... #209
Conversation
|
To address the DCO requirement you'll need to sign-off the commit(s): |
This comment has been minimized.
This comment has been minimized.
kingthorin
left a comment
kingthorin
left a comment
There was a problem hiding this comment.
I have no way to re-test this. I don't see anything in the code that seems horrible, aside from the fact that it takes a rather huge amount of code. However that's neither here nor there. Most of my feedback is that some of the white space and comments can likely be removed as they're not likely relevant to end users.
|
Could you remove the commits already merged? |
|
This seems to duplicate existing core functionality though. |
|
I guess you talk about the c79a9a5 commit, isn't it? |
|
I was referring to 088b663, though everything can be squashed and then rebased. Note that the changelog should be updated as well. |
D-360
force-pushed
the
master
branch
2 times, most recently
from
47901e8 to
1ddab90
Compare
|
Done. |
|
Hello, is this PR going to be merge someday? |
|
If/when #209 (comment) is addressed |
|
But, that was already addressed at following commits, isn't it? |
|
There is no more 088b663 at the commits' tab. |
|
|
Ops, ok, then I'll do it later. My fault. |
|
No worries 😉 |
D-360
force-pushed
the
master
branch
3 times, most recently
from
67502dc to
6c844ba
Compare
|
Done. Isn't it? |
|
Well you’ve still ended up with two commits because of merge vs rebase. I’ll try to get someone else to review then I can address whatever is left (if anything). |
|
Yeap, sorry, and thanks. |
|
The changelog needs to be updated. |
|
Okay, I'll take care of that. It seems there's an entry, just in the wrong place. |
|
Flattened and CHANGELOG.md tweaked. |
HttpSender script for full session and csrf token management (nashorn based). Tested over DVWA and over a real life project with active defense enabled (ESAPI) Signed-off-by: Diego Díaz Morales <D-36O@outlook.com>
|
Thank you both! |
3 participants
HttpSender script for full session and csrf token management (nashorn based). Tested over DVWA and over a real life project with active defense enabled (ESAPI)