Property name |
glide.security.csrf.strict.validation.mode |
Configuration type |
System Properties (/sys_properties_list.do) |
Configure in Instance Security Center |
Yes |
Purpose |
To enforce strict validation of the CSRF token and prevent its reuse. |
Recommended value |
true |
Functional impact |
(Medium) This remediation enables an extra validation step before the instance
user submits a write request to the instance. It checks whether the current CSRF
token has been used previously. If it has, it prevents submission of further write
requests. |
Security risk |
(Medium) Cross-site request forgery (CSRF) is a significant security risk that
violates the integrity of the instance data. An attacker can launch a CSRF attack
on any instance user by abusing the trust of the instance user. With the help of
social engineering, a user can be made to submit a malformed request to the
instance on behalf of the attacker. |
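
The reuse check described under "Functional impact", modelled as an added example (it is not ServiceNow code and does not claim to reproduce the platform's implementation). The class, method and session names are hypothetical, and issuing a fresh token after each accepted write in strict mode is an assumption of this model.

```javascript
// Added illustration, not ServiceNow code: all names here are hypothetical.
const nodeCrypto = require('crypto');

class CsrfTokenGuard {
  constructor({ strict }) {
    this.strict = strict;     // models the property set to true or false
    this.current = new Map(); // sessionId -> token currently issued
    this.used = new Map();    // sessionId -> Set of tokens already consumed
  }

  // Issue a fresh random token bound to one session.
  issue(sessionId) {
    const token = nodeCrypto.randomBytes(32).toString('hex');
    this.current.set(sessionId, token);
    if (!this.used.has(sessionId)) this.used.set(sessionId, new Set());
    return token;
  }

  // Decide whether a write request carrying `presented` may proceed.
  checkWrite(sessionId, presented) {
    const expected = this.current.get(sessionId);
    if (!expected || typeof presented !== 'string') {
      return { allowed: false, reason: 'missing' };
    }
    if (this.strict && this.used.get(sessionId).has(presented)) {
      return { allowed: false, reason: 'reused' }; // replay of a spent token
    }
    const a = Buffer.from(expected);
    const b = Buffer.from(presented);
    // Constant-time comparison; lengths must match before timingSafeEqual.
    if (a.length !== b.length || !nodeCrypto.timingSafeEqual(a, b)) {
      return { allowed: false, reason: 'mismatch' };
    }
    if (!this.strict) return { allowed: true, reason: 'ok', nextToken: expected };
    // Strict mode (assumed rotation): spend the token and hand back a new one.
    this.used.get(sessionId).add(presented);
    return { allowed: true, reason: 'ok', nextToken: this.issue(sessionId) };
  }
}

// Constructed scenario: the same token is submitted twice in one session.
function replayOutcome(strict) {
  const guard = new CsrfTokenGuard({ strict });
  const token = guard.issue('session-A');
  return [guard.checkWrite('session-A', token).reason,
          guard.checkWrite('session-A', token).reason];
}

console.log('strict:', replayOutcome(true), 'non-strict:', replayOutcome(false));
```

With strict checking on, the second submission of the same token is rejected as reused; with it off, the same token is accepted again.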