Nuxeo mailing list archives
[Nuxeo-tickets] Re: [Nuxeo Repository] #630: Don't use GET for side
effects, use POST
Nuxeo Repository
trac at nuxeo.com
Tue Apr 17 11:05:25 CEST 2007
#630: Don't use GET for side effects, use POST
--------------------------+-------------------------------------------------
Reporter: anonymous | Owner: fguillaume
Type: defect | Status: new
Priority: P2 | Milestone: CPS 3.4.4
Component: CPS (global) | Version: TRUNK
Severity: major | Resolution:
Keywords: security XSS |
--------------------------+-------------------------------------------------
Changes (by madarche):
* summary: Don't use GET for side effects, and check that a POST comes
from the same server => Don't use GET for side
effects, use POST
--
Ticket URL: <http://svn.nuxeo.org/trac/pub/ticket/630>
Nuxeo Repository <http://www.cps-project.org/>
Nuxeo Repository
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.