Closed Bug 810418 Opened 13 years ago Closed 13 years ago

add csrf protection to release kickoff webapp

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: bhearsum, Assigned: bhearsum)

References

Details

(Keywords: wsec-csrf, Whiteboard: [shipit])

bhearsum@mozilla.com (:bhearsum)

Assignee

Description

•

13 years ago

No description provided.

bhearsum@mozilla.com (:bhearsum)

Assignee

Comment 1

•

13 years ago

I think I've got this working in: https://github.com/bhearsum/release-kickoff/compare/d21a170d3af8f8ef0548fcb6185a5e31d8df93a7...ef483db https://github.com/bhearsum/tools/commit/db13467fd73d8c160b2d43ae3faa81c02b27d681

bhearsum@mozilla.com (:bhearsum)

Assignee

Updated

•

13 years ago

Whiteboard: [kickoff]

bhearsum@mozilla.com (:bhearsum)

Assignee

Comment 2

•

13 years ago

CSRF support is done. According to https://wiki.mozilla.org/WebAppSec/Secure_Coding_QA_Checklist there's nothing we need to do for XSS.

Status: ASSIGNED → RESOLVED

Closed: 13 years ago

Resolution: --- → FIXED

Summary: add csrf+xss protection to release kickoff webapp → add csrf protection to release kickoff webapp

bhearsum@mozilla.com (:bhearsum)

Assignee

Updated

•

13 years ago

Whiteboard: [kickoff] → [shipit]

Yvan Boily [:ygjb][:yvan]

Updated

•

12 years ago

Keywords: wsec-csrf

Nobody; OK to take it and work on it

Updated

•

12 years ago

Product: mozilla.org → Release Engineering

You need to log in before you can comment on or make changes to this bug.

Bugzilla

add csrf protection to release kickoff webapp

Categories

(Release Engineering :: Release Automation, defect)

Tracking

(Not tracked)

People

(Reporter: bhearsum, Assigned: bhearsum)

References

Details

(Keywords: wsec-csrf, Whiteboard: [shipit])

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Comment 2

Updated

Updated

Updated