|author||Andrew Gerrand <firstname.lastname@example.org>||Thu Aug 31 16:54:34 2017 +1000|
|committer||Andrew Gerrand <email@example.com>||Fri Sep 01 06:53:16 2017 +0000|
cmd/browser: strengthen cross-site request forgery prevention This extends XSRF token checking to the startup method and when fetching Upspin content. The latter is particularly important as tricking someone into retrieving a file from Upspin space could lead them to trigger some dynamic interaction with an Upspin server, which could be bad. We now generate a single access token for all browser XHR requests, and individual file tokens for accessing specific Upspin paths. We provide the access token in the URL that the browser opens, so that it's not possible to obtain the token by sending an HTTP request to the server. This makes it less likely that a malicious actor could make requests to the server and therefore act as the Upspin user. Change-Id: Ie63f66dfd137d3364993d5427de6a4c3c07aafd1 Reviewed-on: https://upspin-review.googlesource.com/12420 Reviewed-by: Rob Pike <firstname.lastname@example.org>
This repository contains components that are experimental or under development.
See the master repository for more information.