Re: [che-dev] Support for CSRF prevention

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [che-dev] Support for CSRF prevention

From: Sergii Kabashniuk <skabashnyuk@xxxxxxxxxxx>
Date: Wed, 11 Mar 2015 12:17:23 +0200
Delivered-to: che-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/che-dev>
List-help: <mailto:che-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/che-dev>, <mailto:che-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/che-dev>, <mailto:che-dev-request@eclipse.org?subject=unsubscribe>

Hello Zoya

On Wed, Mar 11, 2015 at 12:02 PM, Pronyakova, Zoya <zoya.pronyakova@xxxxxxx> wrote:

Dear colleagues,

We are currently working on solution for authentication/CSRF/XSS support for CHE in HCP (SAP HANA Cloud Platform)

I am wondering whether you plan to introduce a common CSRF prevention support in CHE?

Right now we can recomend to configure standart tomcat CsrfPreventionFilter http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CSRF_Prevention_Filter

Is this the thing you are looking for?

Sergii Kabashniuk

Thanks,

Zoya

Zoya Pronyakova

Team Architect, Development Experience, Technology Cloud Experience

SAP Labs Israel, 15 Hatidhar st., Raanana 43665, Israel

M +972-54-420-4894

T +972-9-777-9877

E zoya.pronyakova@xxxxxxx

_______________________________________________
che-dev mailing list
che-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/che-dev

References:
- [che-dev] Support for CSRF prevention
  - From: Pronyakova, Zoya

Prev by Date: [che-dev] Support for CSRF prevention
Next by Date: [che-dev] SNAPSHOT versions
Previous by thread: [che-dev] Support for CSRF prevention
Next by thread: [che-dev] SNAPSHOT versions
Index(es):
- Date
- Thread

Breadcrumbs