  1. Bitbucket Cloud
  2. BCLOUD-3360

I have a bone to pick with you about CSRF.

Details

    Description

      This is feedback regarding your signup process and your issues process, pretty much every sensitive form you have...

      Checking referrer fields is not CSRF mitigation. In fact, I am surprised you haven't had more complaints about it.

      Also, your error page is big and ugly, and discloses details on how to exfiltrate more information from your system, indicating the use of "DEBUG=True".

      I had to switch from FF 8.0 because I couldn't submit any forms on my main browser...
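
The contrast this report draws between Referer checking and CSRF mitigation, as an added example that is not part of the original report and is not Bitbucket's code: a header-only check next to a session-bound token check, run over constructed requests. Every name, the key and the origin below are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed values for this example only (assumptions, not from the report).
SERVER_KEY = secrets.token_bytes(32)
SITE_ORIGIN = "https://example.test"
SESSION = "constructed-session-id"


def issue_token(session_id: str) -> str:
    """Derive a per-session CSRF token with an HMAC under a server-side key."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def referer_only_check(headers: dict) -> bool:
    """Header-only check: pass when Referer points at a page on our origin."""
    return headers.get("Referer", "").startswith(SITE_ORIGIN + "/")


def token_check(session_id: str, form: dict) -> bool:
    """Token check: constant-time comparison against the session's token."""
    submitted = form.get("csrf_token", "").encode()
    return hmac.compare_digest(submitted, issue_token(session_id).encode())


def evaluate(session_id: str, headers: dict, form: dict) -> dict:
    """Run both checks on one request and report each verdict."""
    return {
        "referer_only": referer_only_check(headers),
        "token": token_check(session_id, form),
    }


# Legitimate form post from a browser or proxy that sends no Referer header:
# the header-only check blocks the user, the token check lets them through.
legit_no_referer = evaluate(SESSION, {}, {"csrf_token": issue_token(SESSION)})

# Request whose Referer matches but which carries no valid session token:
# the header-only check passes it, the token check rejects it.
matching_referer_no_token = evaluate(
    SESSION, {"Referer": SITE_ORIGIN + "/signup"}, {"csrf_token": "0" * 64}
)

if __name__ == "__main__":
    print("legitimate post, no Referer :", legit_no_referer)
    print("matching Referer, no token  :", matching_referer_no_token)
```

The first case is the usability failure (a real user cannot submit the form); the second shows that the header alone says nothing about whether the request holds the session's secret.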

          People

            93e1e5ba154a aiiie
            Anonymous Anonymous