numerus

History

jordi fita mas 917db31227 Add cross-request forgery detection I use the ten first digits of the cookie’s hash, that i believe it is not a problem, has the advantage of not expiring until the user logs out, and using a per user session token is explicitly allowed by OWASP[0]. [0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern	2023-02-02 11:39:34 +01:00
..
static	Fix “translation” of ‘(opcional)’ for fields in Spanish and Catalan	2023-01-31 15:43:47 +01:00
template	Add cross-request forgery detection	2023-02-02 11:39:34 +01:00

jordi fita mas 917db31227 Add cross-request forgery detection

I use the ten first digits of the cookie’s hash, that i believe it is
not a problem, has the advantage of not expiring until the user logs
out, and using a per user session token is explicitly allowed by
OWASP[0].

[0]: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern

2023-02-02 11:39:34 +01:00

static

Fix “translation” of ‘(opcional)’ for fields in Spanish and Catalan

2023-01-31 15:43:47 +01:00

template

Add cross-request forgery detection

2023-02-02 11:39:34 +01:00