[ICE-11435] Constrain partial requests to HTTP POST only - ICEsoft JIRA Issue Tracker

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: EE-3.3.0.GA_P05, 4.3
Fix Version/s: EE-3.3.0.GA_P06, EE-4.3.0.GA
Component/s: Framework
Labels:
None
Environment:
ICEfaces

Support Case References:
https://icesoft.my.salesforce.com/5000g00001xpFH9
Affects:

Documentation (User Guide, Ref. Guide, etc.), Compatibility/Configuration

Description

Constrain partial requests to HTTP POST only to improve the security of the framework.
JSF does not enforce in any way the type of HTTP request used, but it makes sense to only have HTTP POST for partial requests since they are the ones that change the state of the view, session, component and app.

Activity

Ascending order - Click to sort in descending order

Mircea Toma created issue - 23/Oct/18 5:04 PM

Mircea Toma made changes - 23/Oct/18 5:04 PM

Field	Original Value	New Value
Assignee		Mircea Toma [ mircea.toma ]

Ken Fyten made changes - 23/Oct/18 5:05 PM

Fix Version/s		EE-3.3.0.GA_P06 [ 13114 ]
Fix Version/s		EE-4.3.0.GA [ 13103 ]

Ken Fyten made changes - 01/Nov/18 9:57 AM

Affects

Documentation (User Guide, Ref. Guide, etc.),Compatibility/Configuration [ 10003, 10002 ]

Mircea Toma made changes - 01/Nov/18 1:39 PM

Status	Open [ 1 ]	Resolved [ 5 ]
Resolution		Fixed [ 1 ]

Ken Fyten made changes - 29/Oct/21 5:27 PM

Status

Resolved [ 5 ]

Closed [ 6 ]

People

Assignee:

Mircea Toma

Reporter:

Mircea Toma

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

23/Oct/18 5:04 PM

Updated:

29/Oct/21 5:27 PM

Resolved:

01/Nov/18 1:39 PM