Details
-
Type: Improvement
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: EE-3.3.0.GA_P05, 4.3
-
Fix Version/s: EE-3.3.0.GA_P06, EE-4.3.0.GA
-
Component/s: Framework
-
Labels:None
-
Environment:ICEfaces
-
Support Case References:
-
Affects:Documentation (User Guide, Ref. Guide, etc.), Compatibility/Configuration
Description
Constrain partial requests to HTTP POST only to improve the security of the framework.
JSF does not enforce in any way the type of HTTP request used, but it makes sense to only have HTTP POST for partial requests since they are the ones that change the state of the view, session, component and app.
JSF does not enforce in any way the type of HTTP request used, but it makes sense to only have HTTP POST for partial requests since they are the ones that change the state of the view, session, component and app.
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
Mircea Toma
created issue -
Mircea Toma
made changes -
Field | Original Value | New Value |
---|---|---|
Assignee | Mircea Toma [ mircea.toma ] |
Ken Fyten
made changes -
Fix Version/s | EE-3.3.0.GA_P06 [ 13114 ] | |
Fix Version/s | EE-4.3.0.GA [ 13103 ] |
Ken Fyten
made changes -
Affects | Documentation (User Guide, Ref. Guide, etc.),Compatibility/Configuration [ 10003, 10002 ] |
Mircea Toma
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |