[CLOSED] CSRF attack

  1. #1

    [CLOSED] CSRF attack

    Do we have anything in framework to treat this type of issue, and prevent a possible CSRF attack ?

    Last edited by Daniil; Jul 27, 2012 at 2:11 PM. Reason: [CLOSED]
  2. #2
    This is not really in the scope of Ext.NET.

    Encoding your strings does help prevent issues.
    Geoffrey McGill
  3. #3
    I was thinking about some "csrf-token" mechanism, are you aware of any in extjs?
  4. #4
  5. #5
    By default, in Ext.NET 7.0 for ASP.NET Core, a RequestVerificationToken is passed in all Direct requests and CSRF is now supported out of the box.

    Application security has been a priority focus of the new Ext.NET 7.0 release as we continue to focus on reducing security vulnerabilities and promote strong security practices for all apps.
    Geoffrey McGill

Similar Threads

  1. Replies: 6
    Last Post: Jan 29, 2010, 12:15 PM

Tags for this Thread

Posting Permissions