[CKAN-Security] /util/redirect and referrer-based CSRF mitigation
David Read
david.read at hackneyworkshop.com
Mon Nov 17 10:15:46 UTC 2014
Thrawn,
Great that you're talking about adding in basic CSRF protection by
checking the referrer. Can you simply disallow requests that are
referred by the redirect page?
David
On 16 November 2014 23:56, Thrawn <shell_layer-github at yahoo.com.au> wrote:
>
> Hi, folks.
>
> As mentioned at https://github.com/ckan/ckan/issues/1419, the open redirect on /util/redirect is a concern because it allows attackers to bypass referrer checks. Which aren't a great defence against CSRF in the first place, of course, but they're the simplest to implement without touching the codebase.
>
> Can anyone clarify whether this would restrict attackers to GET requests, or whether it would also allow forgery of referrer on cross-site POSTs?
>
> Thrawn
> _______________________________________________
> CKAN security
> https://lists.okfn.org/mailman/listinfo/security
>
> Repo: https://github.com/ckan/ckan-security
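The check David asks about, written out as an added example; this is illustration code, not CKAN's own middleware and not anything from the thread. It assumes a site origin of https://ckan.example.org, takes the /util/redirect path from the discussion, and applies the rule only to state-changing methods (POST, PUT, PATCH, DELETE), so the GET side of Thrawn's question is deliberately outside its scope: a referrer check of this shape never protects a GET handler that changes state. A same-origin Referer whose path is the redirect endpoint is rejected outright, which is the "disallow requests referred by the redirect page" rule; a missing Referer falls back to the Origin header and is otherwise denied unless the caller opts out, since privacy settings and proxies do strip Referer and that is one reason the thread calls referrer checks a weak defence.

```python
from urllib.parse import urlsplit

# Constructed configuration for the example (not CKAN settings): the site's
# own origin and the path of the open-redirect endpoint named in the thread.
SITE_ORIGIN = "https://ckan.example.org"
REDIRECT_PATH = "/util/redirect"
UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


def _origin(url):
    """Return 'scheme://host[:port]' in lower case, or None if url is not absolute.

    Comparing the parsed netloc (not a string prefix) is what stops
    'https://ckan.example.org.attacker.example/' and
    'https://ckan.example.org@attacker.example/' from passing.
    """
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return "%s://%s" % (parts.scheme, parts.netloc).lower() if False else (
        "%s://%s" % (parts.scheme, parts.netloc)).lower()


def referrer_check(method, headers, deny_missing=True):
    """Decide whether one request passes the referrer-based CSRF check.

    Hypothetical helper: `headers` is a plain dict of request headers.
    Returns (allowed, reason).

    1. Safe methods are not checked; the check only makes sense if state
       changes happen on unsafe methods.
    2. Unsafe requests must carry a Referer (or, failing that, an Origin)
       from SITE_ORIGIN.
    3. A same-origin Referer pointing at the open redirect endpoint is
       refused, because that page can be handed any internal target URL by
       an attacker while still presenting a same-origin Referer.
    """
    if method.upper() not in UNSAFE_METHODS:
        return True, "safe method, not checked"

    ref = headers.get("Referer") or headers.get("Origin")
    if not ref or ref == "null":
        return (not deny_missing), "no Referer/Origin header"

    if _origin(ref) != SITE_ORIGIN.lower():
        return False, "cross-origin referrer: %s" % ref

    path = urlsplit(ref).path
    if path == REDIRECT_PATH or path.startswith(REDIRECT_PATH + "/"):
        return False, "referred by the open redirect endpoint"

    return True, "same-origin referrer"


def evaluate_samples():
    """Run the check over constructed requests; returns {name: allowed}."""
    samples = {
        # A form submitted from a real CKAN page.
        "legit_post": ("POST", {"Referer": SITE_ORIGIN + "/dataset/edit/foo"}),
        # Classic cross-site auto-submitted form.
        "cross_site_post": ("POST", {"Referer": "https://attacker.example/csrf.html"}),
        # Navigation that arrived via the open redirect carrying a
        # same-origin Referer; this is the case David's rule targets.
        "via_open_redirect": ("POST", {"Referer": SITE_ORIGIN + "/util/redirect?url=/dataset/delete/foo"}),
        # Host-confusion attempts that a prefix comparison would accept.
        "host_suffix_trick": ("POST", {"Referer": "https://ckan.example.org.attacker.example/"}),
        "userinfo_trick": ("POST", {"Referer": "https://ckan.example.org@attacker.example/"}),
        # Referer stripped by the browser, Origin still present.
        "origin_only": ("POST", {"Origin": SITE_ORIGIN}),
        # Referer stripped entirely: denied by default.
        "no_headers": ("POST", {}),
        # GET is never checked, whatever the Referer says.
        "cross_site_get": ("GET", {"Referer": "https://attacker.example/"}),
    }
    return {name: referrer_check(m, h)[0] for name, (m, h) in samples.items()}


if __name__ == "__main__":
    for name, allowed in evaluate_samples().items():
        print("%-20s %s" % (name, "allow" if allowed else "DENY"))
```

The `cross_site_get` row is the practical answer to the first half of Thrawn's question: a referrer check scoped to unsafe methods restricts an attacker to GET only if no GET handler changes state. The `via_open_redirect` row is the case David's rule covers; it does nothing for the other half of the question, a forged Referer on a cross-site POST, and nothing replaces a per-session CSRF token for that.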