Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CSRF protection #158

Closed
To-om opened this issue Mar 27, 2017 · 0 comments
Closed

Add CSRF protection #158

To-om opened this issue Mar 27, 2017 · 0 comments
Assignees
@To-om
Labels
enhancement
Milestone
2.10.2

Comments

@To-om
Copy link
Contributor

To-om commented Mar 27, 2017

Request Type

enhancement

Work Environment

any

Problem Description

CSRF attack is blocked if your are using modern browser (except for GET requests). Even if attack using GET requests is not really applicable and TheHive requires modern browser, security can be enforced by adding CSRF token.

Complementary information

TheHive4py (and other TheHive clients that doesn't use a browser) should not care about CSRF token. CSRF token should be required only if cookie based authentication is used.
@To-om To-om added this to the 2.10.2 milestone Mar 27, 2017
@To-om To-om self-assigned this Mar 27, 2017
To-om pushed a commit that referenced this issue Mar 27, 2017
#158 add CSRF protection
dfd75f3
@To-om To-om closed this as completed Mar 27, 2017
To-om added a commit that referenced this issue Mar 27, 2017
@To-om
#158 add configuration for CSRF protection
be5129e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@To-om To-om

Labels
enhancement
Projects
None yet
Milestone
2.10.2
Development

No branches or pull requests
1 participant
@To-om