0
 Followers
1
 Like

CSRF token validation

Backend
New

It will be very good if OS give CSRF token by default without manually doing something like session values with hidden input.
Also the same for API and Mobile apps.

Created on 28 May
Comments (4)

Changed the category to Backend


Hi Amol,


https://success.outsystems.com/Support/Enterprise_Customers/Maintenance_and_Operations/How_OutSystems_Platform_helps_you_develop_secure_applications/05_Protecting_OutSystems_apps_from_Cross_Site_Request_Forgery_attacks

"The current version of the OutSystems platform has built-in protection against CSRF attacks for POST requests, as described in https://success.outsystems.com/Evalu...ith_OutSystems.

Refer to this page only for old OutSystems platform versions."


Best,


Joao


Yep as Joao said it's built in. We have had third party penertration testing done on our projects and passed CSRF checks 

Thanks Joao,

I will try to implement the same. 

views
348
Followers
0