Cross-Site Request Forgery (CSRF) - General Discussions - General Discussions - Progress Community
 General Discussions

Cross-Site Request Forgery (CSRF)

  • Cross-Site Request Forgery (CSRF)
  • They will have some mechanism to prevent Cross-Site Request Forgery (CSRF) from Sitefinity?
  • Hello Omar,

    Sitefinity checks authentication and the referrer header for each request and also utilizes the Claims model of authentication with verified techniques for prevention of CSRF.

    There is a document available for download concerning security in Sitefinity:

    Sitefinity Security and Best Practices

    Regards,
    Kaloyan
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items