Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement CSRF Protection (CRASM-741) #666

Open
hawkishpolicy opened this issue Oct 2, 2024 · 0 comments
Open

Implement CSRF Protection (CRASM-741) #666

hawkishpolicy opened this issue Oct 2, 2024 · 0 comments
Assignees
@hawkishpolicy
Labels
frontend

Comments

@hawkishpolicy
Copy link
Collaborator

🐛 Summary

A part of the Cross-Site Request Forgery issues referenced in the ST&E Findings (CRASM-730), these two items are peculiar in that they have dependencies determined by the new backend Python conversion. 

STE ID Location Code
1280561 xfd_develop/frontend/scripts/api.js:10 10 export const app = express();
1280604 xfd_develop/frontend/scripts/docs.js:8 8 export const app = express();

 

Acceptance Criteria:

Resolve Checkmarx findings for the above mentioned issues.

Any helpful log output or screenshots

Paste the results here:



Add any screenshots of the problem here.

      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            


    

    

      
    

    


      

          @hawkishpolicy
hawkishpolicy




              self-assigned this


      Oct 2, 2024

    

  












  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

      

        

  
      @hawkishpolicy
  
    hawkishpolicy
    

      








      


  


  

    Labels
  



    

      

    frontend









      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




            
When branches are created from issues, their pull requests are automatically linked.



  

    

      
    

    

      
        
    666-implement-csrf-protection-crasm-741

      
      
        
    cisagov/XFD

      
    

  





    
  




        
      

    

  
      

  

    

      1 participant
    

    

        
          @hawkishpolicy