More in this section

Forums / General Discussions / Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF)

2 posts, 0 answered
  1. Omar
    Omar avatar
    8 posts
    24 Dec 2013
    25 Jun 2014
    Link to this post
    They will have some mechanism to prevent Cross-Site Request Forgery (CSRF) from Sitefinity?
  2. Kaloyan
    Kaloyan avatar
    272 posts
    06 Feb 2017
    26 Jun 2014
    Link to this post
    Hello Omar,

    Sitefinity checks authentication and the referrer header for each request and also utilizes the Claims model of authentication with verified techniques for prevention of CSRF.

    There is a document available for download concerning security in Sitefinity:

    Sitefinity Security and Best Practices

    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
2 posts, 0 answered