What are the Slack Archives?
Itโs a history of our time together in the Slack Community! Thereโs a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.
Because this space is not active, you wonโt be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..
I was wondering, why there is no basic `CSRF token` protection for the search form? ๐ ๐ Doe
I was wondering, why there is no basic CSRF token protection for the search form? ๐ ๐
Doesnโt that make sense? Or was it forgotten?
At least, I donโt see it in the demo-shop: https://www.de.b2c.demo-spryker.com/
Comments
-
Because search form sends a GET request. It doesnโt make sense to protect GET requests from CSRF attacks. More details: https://security.stackexchange.com/questions/115794/should-i-use-csrf-protection-for-get-requests
0
Categories
- All Categories
- 42 Getting Started & Guidelines
- 7 Getting Started in the Community
- 8 Additional Resources
- 7 Community Ideas and Feedback
- 66 Spryker News
- 883 Developer Corner
- 747 Spryker Development
- 83 Spryker Dev Environment
- 360 Spryker Releases
- 3 Oryx frontend framework
- 33 Propel ORM
- 68 Community Projects
- 3 Community Ideation Board
- 30 Hackathon
- 3 PHP Bridge
- 6 Gacela Project
- 22 Job Opportunities
- 3.2K ๐ Slack Archives
- 116 Academy
- 5 Business Users
- 370 Docker
- 551 Slack General
- 2K Help
- 75 Knowledge Sharing
- 6 Random Stuff
- 4 Code Testing
- 32 Product & Business Questions
- 67 Spryker Safari Questions
- 50 Random