You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm new to Grails, but I'm not surprised to discover that formRemote has been removed from Grails3, since it's by-default vulnerable to CSRF due to the lack of support for useToken (and all requests go through POST by default, it they were going through GET at least there could've been the assumption that the request wouldn't modify data on the backend).
Is this library still maintaned and thus can a fix be expected? Or does this exists only to assuage porting of Grails2 apps to Grails3, and thus people should migrate away from formRemote asap?
Thank you
The text was updated successfully, but these errors were encountered:
I'm new to Grails, but I'm not surprised to discover that
formRemotehas been removed from Grails3, since it's by-default vulnerable to CSRF due to the lack of support foruseToken(and all requests go through POST by default, it they were going through GET at least there could've been the assumption that the request wouldn't modify data on the backend).See also this SO question
Is this library still maintaned and thus can a fix be expected? Or does this exists only to assuage porting of Grails2 apps to Grails3, and thus people should migrate away from
formRemoteasap?Thank you
The text was updated successfully, but these errors were encountered: