Mercurial > p > roundup > code
view website/issues/html/home.html @ 5212:d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
This was an easy addon compared to the complexity of the CSRF nonce
support. It only works in chromium browsers (Chrome, Opera...) at
the moment. But there is recent activity on implementing it in
firefox. Who know when edge/ie will adopt it. So csrf nonce and
header analysis will be needed for a while.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 19 Mar 2017 19:01:41 -0400 |
| parents | c2d0d3e9099d |
| children |
line wrap: on
line source
<!-- This is the default body that is displayed when people visit the tracker. The tag below lists the currently open issues. You may replace it with a greeting message, or a different list of issues or whatever. It's a good idea to have the issues on the front page though --> <span tal:replace="structure python:db.issue.renderWith('index', sort=[('-', 'activity')], filter=['status'], columns=['activity','title','creator'], filterspec={'status':['1','2','4']})" />