[Freeipa-devel] IPA Server UI Behind Proxy
Jan Pazdziora
jpazdziora at redhat.com
Tue Sep 3 00:25:50 UTC 2013
On Mon, Sep 02, 2013 at 08:38:51AM -0400, Simo Sorce wrote:
> >
> > Could we change the CSRF protection method from the Referrer check to
> > some user session specific token?
>
> Where do you store it on the client side ?
Storing it in some DOM element (hidden div) and retrieving it into
any POST operation you do against the server would be my course of
investigation.
--
Jan Pazdziora | adelton at #ipa*, #brno
Principal Software Engineer, Identity Management Engineering, Red Hat
More information about the Freeipa-devel
mailing list