More in this section
Forums / General Discussions / Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF)

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
2 posts, 0 answered
  1. Omar
    Omar avatar
    8 posts
    Registered:
    24 Dec 2013
    25 Jun 2014
    Link to this post
    They will have some mechanism to prevent Cross-Site Request Forgery (CSRF) from Sitefinity?
  2. Kaloyan
    Kaloyan avatar
    272 posts
    Registered:
    06 Feb 2017
    26 Jun 2014
    Link to this post
    Hello Omar,

    Sitefinity checks authentication and the referrer header for each request and also utilizes the Claims model of authentication with verified techniques for prevention of CSRF.

    There is a document available for download concerning security in Sitefinity:

    Sitefinity Security and Best Practices

    Regards,
    Kaloyan
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
2 posts, 0 answered