[JAVASERVERFACES-2269] Verify implementation of CSRF protection Created: 14/Dec/11  Updated: 20/Dec/12  Resolved: 30/Nov/12

Status: Closed
Project: javaserverfaces
Component/s: lifecycle
Affects Version/s: None
Fix Version/s: 2.2.0-m07

Type: Task Priority: Critical
Reporter: Ed Burns Assignee: dougd
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: 3 days
Time Spent: Not Specified
Original Estimate: 3 days

Issue Links:
depends on JAVASERVERFACES-2650 RestoreViewPhase.maybeTakeProtectedvi... Closed
depends on JAVASERVERFACES-2651 RestoreViewPhase.maybeTakeProtectedVi... Closed
blocks JAVASERVERFACES_SPEC_PUBLIC-869 Specify CSRF Solution Closed
blocks JAVASERVERFACES_SPEC_PUBLIC-758 Support view actions that execute bef... Closed
is related to JAVASERVERFACES-2204 Optimize performance of JAVASERVERFAC... Closed
Tags: JSF2_2


The implementation of JAVASERVERFACES_SPEC_PUBLIC-869 in the mojarra trunk for 2.2. is only complete enough to write the specification. It needs to be carefully inspected to verify that it really works and it needs sufficient test coverage to ensure that it keeps working.

Comment by Manfred Riem [ 19/Oct/12 ]

As part of verifying the implementation, make sure any performance issue is also addressed.

Comment by dougd [ 30/Nov/12 ]

I have added new test coverage for this area.

Generated at Fri Feb 12 08:21:21 UTC 2016 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.