hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

python: update qhelp

Browse Source 
removing custom middleware stack
will _not_ enable CSRF protection
This commit is contained in:
Rasmus Lerchedahl Petersen
2022-03-25 11:49:06 +01:00
parent 85f1d92a0d
commit 778a88f32c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/Security/CWE-352/CSRFProtectionDisabled.qhelp
View File

@@ -47,7 +47,7 @@
<p> <p>
The protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up. The protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up.
Simply commenting it back in (or remove the custom middleware stack) will enable CSRF protection. Simply commenting it back in will enable CSRF protection.
</p> </p>
</example> </example>