play framework

Feature request: CSRF protection

Bug #525417 reported by nkmrshn on 2010-02-21

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
play framework	Status tracked in 1.0
1.0	Fix Released	Undecided	Guillaume Bort	play framework 1.0.2
1.1	Fix Committed	Undecided	Guillaume Bort	play framework 1.1

Bug Description

http://groups.google.com/group/play-framework/browse_thread/thread/85d1863ca03af24e/220362f6b722608b#220362f6b722608b

The CSRF(Cross-Site Scripting Request Forgery) protection feature is vital for all web application which has posting data, but I can't find it in the Play! framework. Currently, yes we can do it, but I thought that it maybe have more simple by implementing in the framework.

Revision history for this message

Nicolas Leroux (nicolas-lunatech) wrote on 2010-03-28:

Guillaume committed the fix but I cant remember which version.

Revision history for this message

Nicolas Leroux (nicolas-lunatech) wrote on 2010-03-28:

And of course, there should be documentation .

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.