WebAppSec/Secure Coding QA Checklist: Difference between revisions

Line 125: Line 125:


===Desired System Behavior===
===Desired System Behavior===
A random CSRF token/crumb is required when submitting an update action to the server.  
A random CSRF token/crumb is required when submitting an update action to the server. Further, if a user modifies the token/crumb then the application will reject the action requested by the user.
 
 
 
If the request is submitted without the token or with a modified token then the application does not process the requested event.


===Further information===
===Further information===
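
Review bot: In the "Desired System Behavior" text, the sentence "Further, if a user modifies the token/crumb then the application will reject the action requested by the user" covers only a modified token, while the missing-token case appears only in the separate sentence "If the request is submitted without the token or with a modified token ...". Suggest a single statement that covers both cases. It should also say that the token is tied to the user's session and checked on the server, so that a tester knows a well-formed token from a different session must be rejected as well.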