CSRF/XSRF protection on ProductTemplate.Simple.cshtml and ProductTemplate.Grouped.cshtml

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.

Messaggi totali: 3
Karma: 15
Sottoscritto: 13/06/2016
Località: United States

Inviato: 7 anni tempo fa

Hi Everyone,

I am new to the forum and looking to use nopCommerce for one of our websites. We did a prototype for the website and also look into the security for nopCommerce. I am wondering if the ProductTemplate.Simple.cshtml and ProductTemplate.Grouped.cshtml needs CSRF protection. Anyone have suggestions or comments regarding this?

It looks like all of the product details does not have any CSRF protection on it.

Thanks
Sim

L.K

MVP

Bronze Solution Partner

Messaggi totali: 2898
Karma: 23165
Sottoscritto: 08/01/2010
Località: United States

Inviato: 7 anni tempo fa

[email protected] wrote:

Hi Sim,

Please see:

https://www.nopcommerce.com/boards/t/25962/cross-site-request-forgery-csrf-prevention.aspx

https://www.nopcommerce.com/boards/t/33952/cross-site-request-forgeryconfused-deputy-problem.aspx

Also, see the "Improvements" point# 1 in 3.60 release notes: https://www.nopcommerce.com/releasenotes.aspx

FREE nopCommerce Support? Visit www.StrivingProgrammers.com

Best place for FREE nopCommerce Themes & Plugins

www.StrivingProgrammers.com
A trusted community for developers & web-design enthusiast

http://www.StrivingProgrammers.com/blog
Browse hundreds of FREE how-to tutorials

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.

Hai ancora qualche domanda o hai bisogno di aiuto?

. Servizi di supporto premium . Ottieni supporto dedicato dal team di nopCommerce con una risposta garantita entro 24 ore.

. Corso online per sviluppatori . Ottieni le competenze pratiche e tecniche necessarie per gestire e personalizzare i siti web realizzati con nopCommerce.