canmove, Confirmed users
1,537
edits
Security/Features/Intranet CSRF Blocker: Difference between revisions
Jump to navigation
Jump to search
Security/Features/Intranet CSRF Blocker (view source)
Revision as of 21:17, 22 November 2013
, 22 November 2013no edit summary
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
}} | }} | ||
{{FeatureTeam | {{FeatureTeam | ||
|Feature product manager= | |Feature product manager=Sid Stamm | ||
|Feature lead engineer=Steve Workman | |Feature lead engineer=Steve Workman | ||
|Feature additional members=Brian Smith | |Feature additional members=Brian Smith | ||
| Line 20: | Line 20: | ||
* [http://www.symantec.com/avcenter/reference/Driveby_Pharming.pdf "Drive-By Pharming"] | * [http://www.symantec.com/avcenter/reference/Driveby_Pharming.pdf "Drive-By Pharming"] | ||
* [http://ha.ckers.org/blog/20080108/cross-site-printing/ "Cross site printing"] | * [http://ha.ckers.org/blog/20080108/cross-site-printing/ "Cross site printing"] | ||
|Feature dependencies=See related bug | |Feature dependencies=See related {{bug|354493}}. Dependencies: | ||
<bugzilla> | |||
{ | |||
"status": ["NEW", "UNCONFIRMED", "RESOLVED", "REOPENED"], | |||
"blocks": "354493", | |||
"include_fields": "id, summary, status" | |||
} | |||
</bugzilla> | |||
|Feature non-goals=The reverse case, where a web page on a private network sends requests for non-private resources, is common and is not considered an attack case that we are trying to prevent. | |Feature non-goals=The reverse case, where a web page on a private network sends requests for non-private resources, is common and is not considered an attack case that we are trying to prevent. | ||
}} | }} | ||