#34990 closed Cleanup/optimization (fixed)
Change external link for CSRF reference docs to OWASP
Reported by: | Timothy Schilling | Owned by: | Timothy Schilling |
---|---|---|---|
Component: | Documentation | Version: | dev |
Severity: | Normal | Keywords: | csrf, documentation, owasp |
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
The CSRF reference docs links to https://www.squarefree.com/securitytips/web-developers.html#CSRF
I propose it should link to https://owasp.org/www-community/attacks/csrf#overview
Open Worldwide Application Security Project (OWASP) is the standard for security related questions, we should be pushing developers to that resource. Beyond that, the examples on that page do a much better job of explaining a CSRF attack and how to protect against it.
Change History (5)
comment:1 by , 12 months ago
Has patch: | set |
---|
comment:2 by , 12 months ago
Triage Stage: | Unreviewed → Accepted |
---|
Note:
See TracTickets
for help on using tickets.
PR