Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

todo: csrf prevention #4

Open
alechash opened this issue Jan 3, 2021 · 2 comments
Open

todo: csrf prevention #4

alechash opened this issue Jan 3, 2021 · 2 comments
Assignees
@alechash @DrewWilson04
Labels
enhancement New feature or request

Comments

@alechash
Copy link
Contributor

alechash commented Jan 3, 2021
edited

CSRF or cross site request forgery will prevent users from using internal apis and other post requests. This is achieved by sending a unique id as part of the form.

express middleware: https://github.com/expressjs/csurf
@alechash alechash added the enhancement New feature or request label Jan 3, 2021
@alechash
Copy link
Contributor Author

alechash commented Jan 4, 2021

https://github.com/siddesmedia/siddes/security/code-scanning/21?query=ref%3Arefs%2Fheads%2Fmain

@alechash
Copy link
Contributor Author

Just realized only I can view that. Makes sense. I'll work on a PR later today

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alechash alechash

@DrewWilson04 DrewWilson04

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alechash @DrewWilson04