Changes between Initial Version and Version 2 of Ticket #29252
- Timestamp: Mar 22, 2018, 9:44:32 PM (7 years ago)
Ticket #29252
- Property Easy pickings set
Ticket #29252 – Description
initial v2 3 3 <img src="http://djangoapp/logout" /> 4 4 }}} 5 on an exploit page could log out the user. While this is a low security risk, it's still a DoS issue and could prevent the user from using the app. 5 on an exploit page could log out the user. While this is a low security risk, it's still a DoS issue and could prevent the user from using the app. 6 7 Instead of fixing the view, it maybe makes sense to just change the [https://docs.djangoproject.com/en/2.0/topics/auth/default/#django.contrib.auth.views.LogoutView docs] to warn the programmer of such a problem and suggest overriding LogoutView and changing dispatch().
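Review bot: The paragraph added as line 7 in v2 recommends "overriding LogoutView and changing dispatch()" but never says what the override should do, so a docs warning written from it would not tell the reader how to keep the `<img src="http://djangoapp/logout" />` request on line 3 from ending the session. Spell out the intended behaviour, for example that the overridden dispatch() should refuse to log out on GET and act only on a CSRF-protected POST. Line 5 is shown as removed and re-added with identical visible text, which looks like a whitespace-only change and is worth confirming.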