Opened 12 years ago

Closed 12 years ago

#20332 closed Bug (duplicate)

You Might Be Logged Out If

Reported by: csrf.django@… Owned by: nobody
Component: CSRF Version: dev
Severity: Normal Keywords: csrf, logout, authentication
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by Alex Gaynor)

You might be logged out...

http://jsfiddle.net/CqvnJ/

Let's require POST to logout.

Change History (4)

comment:1 by csrf.django@…, 12 years ago

Type: UncategorizedBug
Version: 1.5master

comment:2 by Alex Gaynor, 12 years ago

Description: modified (diff)

Edited to remove CSRF attack.

comment:3 by Donald Stufft, 12 years ago

In the future please err on the side of caution and report any potential security issues to security@… (More details on responsibly disclosing security issues here).

comment:4 by Paul McMillan, 12 years ago

Resolution: duplicate
Status: newclosed

Closing this as a duplicate of https://code.djangoproject.com/ticket/15619

Note: See TracTickets for help on using tickets.
Back to Top