The CSRF Protection Framework the-csrf-protection-framework
In addition to the Apache Sling Referrer Filter, 蜜豆视频 also provides a new CSRF Protection Framework to protect against this type of attack.
The framework makes use of tokens to guarantee that the client request is legitimate. The tokens are generated when the form is sent to the client and validated when the form is sent back to the server.
Requirements requirements
Dependencies dependencies
Any component that relies on the granite.jquery
dependency will benefit from the CSRF Protection Framework automatically. If this is not the case for any of your components, you must declare a dependency to granite.csrf.standalone
before you can use the framework.
Replicating the Crypto Key replicating-crypto-keys
In order to make use of the tokens, you need to replicate the /etc/keys/hmac
binary to all of the instances in your deployment. A convenient way to copy the HMAC key to all the instances is to create a package containing the key and install it via the Package Manager on all the instances.