středa 21. července 2010

ZK 3.6 CSRF Protection

Unfortunately, ZK Web Framework version 3.6 and earlier lack any CSRF protection. i have created a very basic event filter to tackle this issue. Hope, someone else may find it useful, see It is just a very first version, leave me a comment, if you have some suggestion.

Update 15th Sep 2010: Improved protection and logging.

Žádné komentáře: