Cross-site request forgery (CSRF) is a web application vulnerability that is often neglected by web developers. If your application is vulnerable to CSRF and an attacker can entice you to request some URL (this can be done, for example, with an image whose src is set to some Tapestry action), the attacker can execute random Tapestry actions and post forms (like adding an administrator etc.) without the user's consent. For more info on CSRF see for example: http://en.wikipedia.org/wiki/Cross-site_request_forgery. One way to protect against CSRF is to add a non-guessable code (saved in the user session) to the URLs that need to be protected against CSRF, or to add a hidden field with this unique code to a Form. When Tapestry receives a request (for a page or action) and that page/action needs protection, a check is done to see if the code from the URL matches the code stored in the user session. If not, you know that the request was not generated by Tapestry.
My question is: what is the best way to implement this? Should I add the code as a context parameter and, for forms, as a hidden field? And use a dispatcher to check whether the page should have been protected? Thanks, Martijn Brinkers
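The scheme described in the message (a per-session random code embedded in protected URLs and forms, compared against the session copy before the action runs) in plain Java, as an added example that is neither Tapestry code nor code from this thread. The session is modelled as a `Map` so it runs without a servlet container (a real application would use `HttpSession`), and the attribute/parameter name `csrfToken`, the class name `CsrfTokenDemo` and the sample action URL `/app/admin/addUser` are all assumptions for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/**
 * Hypothetical synchronizer-token helper (added example, not Tapestry code).
 * The session is modelled as a plain Map so the class runs stand-alone;
 * in a real application it would be backed by HttpSession.
 */
public class CsrfTokenDemo {

    // Assumed name of the session attribute, URL parameter and hidden field.
    static final String TOKEN_KEY = "csrfToken";
    private static final SecureRandom RANDOM = new SecureRandom();

    /** Returns the session's token, creating a fresh 256-bit random one on first use. */
    static String tokenFor(Map<String, Object> session) {
        String token = (String) session.get(TOKEN_KEY);
        if (token == null) {
            byte[] bytes = new byte[32];
            RANDOM.nextBytes(bytes);
            token = Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
            session.put(TOKEN_KEY, token);
        }
        return token;
    }

    /** Appends the token as a context/query parameter to a link that triggers a protected action. */
    static String protectedUrl(Map<String, Object> session, String url) {
        String sep = url.contains("?") ? "&" : "?";
        return url + sep + TOKEN_KEY + "=" + tokenFor(session);
    }

    /** Renders the hidden field to include in every protected form. */
    static String hiddenField(Map<String, Object> session) {
        return "<input type=\"hidden\" name=\"" + TOKEN_KEY + "\" value=\""
                + tokenFor(session) + "\"/>";
    }

    /**
     * The check a dispatcher would run before a protected page/action executes.
     * A missing session token means this session never rendered a protected link
     * or form, so the request cannot have been generated by the application.
     */
    static boolean isValid(Map<String, Object> session, String submitted) {
        String expected = (String) session.get(TOKEN_KEY);
        if (expected == null || submitted == null) {
            return false;
        }
        // Constant-time comparison so the check does not leak the token through timing.
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                     submitted.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<>();

        // Page render: the application embeds the session token in its own links and forms.
        String link = protectedUrl(session, "/app/admin/addUser"); // constructed sample action
        System.out.println("Rendered link:  " + link);
        System.out.println("Rendered field: " + hiddenField(session));

        // Legitimate request: the submitted token is the one taken from the rendered page.
        String submitted = link.substring(link.indexOf(TOKEN_KEY + "=") + TOKEN_KEY.length() + 1);
        System.out.println("Own request accepted:     " + isValid(session, submitted));

        // Cross-site request: another origin cannot read this session's token,
        // so the parameter is either absent or wrong.
        System.out.println("Request without token:    " + isValid(session, null));
        System.out.println("Request with wrong token: " + isValid(session, "not-the-token"));
    }
}
```

Running `main` prints the rendered link and hidden field, then `true` for the request carrying the rendered token and `false` for the other two. In a dispatcher, `isValid` would be called only for pages and actions marked as protected (and only for requests that change state), with the token read from the context parameter for links and from the hidden field for form posts; a failed check should reject the request rather than fall through to the action.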