Opened 2 years ago

Closed 2 years ago

#20332 closed Bug (duplicate)

You Might Be Logged Out If

Reported by: csrf.django@… Owned by: nobody
Component: CSRF Version: master
Severity: Normal Keywords: csrf, logout, authentication
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by Alex)

You might be logged out...

http://jsfiddle.net/CqvnJ/

Let's require POST to logout.

Change History (4)

comment:1 Changed 2 years ago by csrf.django@…

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Type changed from Uncategorized to Bug
  • Version changed from 1.5 to master

comment:2 Changed 2 years ago by Alex

  • Description modified (diff)

Edited to remove CSRF attack.

comment:3 Changed 2 years ago by dstufft

In the future please err on the side of caution and report any potential security issues to security@… (More details on responsibly disclosing security issues here).

comment:4 Changed 2 years ago by PaulM

  • Resolution set to duplicate
  • Status changed from new to closed

Closing this as a duplicate of https://code.djangoproject.com/ticket/15619

Note: See TracTickets for help on using tickets.
Back to Top