struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (Jira)" <j...@apache.org>
Subject [jira] [Work logged] (WW-5083) Fetch Metadata support
Date Mon, 03 Aug 2020 23:01:00 GMT

     [ https://issues.apache.org/jira/browse/WW-5083?focusedWorklogId=465941&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-465941
]

ASF GitHub Bot logged work on WW-5083:
--------------------------------------

                Author: ASF GitHub Bot
            Created on: 03/Aug/20 23:00
            Start Date: 03/Aug/20 23:00
    Worklog Time Spent: 10m 
      Work Description: JCgH4164838Gh792C124B5 commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-668281262


   Hello Again.  This PR has been updated with the suggested additional unit test and increased
the level of the "Fetch metadata rejected" log message to `info` level.  Let me know if anyone
thinks additional changes are needed.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 465941)
    Time Spent: 4.5h  (was: 4h 20m)

> Fetch Metadata support
> ----------------------
>
>                 Key: WW-5083
>                 URL: https://issues.apache.org/jira/browse/WW-5083
>             Project: Struts 2
>          Issue Type: New Feature
>          Components: Core Interceptors
>            Reporter: Santiago Diaz
>            Priority: Major
>             Fix For: 2.6
>
>          Time Spent: 4.5h
>  Remaining Estimate: 0h
>
> We'd like to add built-in Fetch Metadata support to Struts2 to provide a simple security
mechanism that developers can use to protect against Cross-Site Request Forgery vulnerabilities



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message