[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [orion-dev] Bug 435067 - XSRF protection in webdavImpl.js
|
Hi Erwin,
The webdavimpl is not used for talking to a webdav impl on the same host and port as Orion. There is also additional work going on around webdav so for now you can ignore it.
-Simon
![Inactive hide details for "Margewitsch, Erwin" ---10/17/2014 08:10:46 AM---Hi, During the work to implement XSRF protection [1]]()
"Margewitsch, Erwin" ---10/17/2014 08:10:46 AM---Hi, During the work to implement XSRF protection [1] in orion I found one more _javascript_ file which
![]()
| ![]()
"Margewitsch, Erwin" <erwin.margewitsch@xxxxxxx> |
![]()
| ![]()
Orion developer discussions <orion-dev@xxxxxxxxxxx>, |
![]()
| ![]()
10/17/2014 08:10 AM |
![]()
| ![]()
[orion-dev] Bug 435067 - XSRF protection in webdavImpl.js |
![]()
| ![]()
orion-dev-bounces@xxxxxxxxxxx |
Hi,
During the work to implement XSRF protection [1] in orion I found one more _javascript_ file which is using directly an XMLHttpRequest object with a method different from ‘get’. So in this place I would like to add XSRF Protection like I did in the other places (see [2]).
Can you give me some hints how to do this for webdavImpl.js? I would like to reuse my code from [orion/xsrfUtils] (see [2]) but I don’t know how…
Erwin
[1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=435067
[2] https://git.eclipse.org/r/#/c/26742
_______________________________________________
orion-dev mailing list
orion-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/orion-dev
