mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-10 07:04:03 +00:00
f9aff98bb8
Basic/extra mitigation against the BREACH attack for Django projects. django-debreach provides additional protection to Django's built in CSRF token masking by randomizing the content length of each response. This is achieved by adding a random string of between 12 and 25 characters as a comment to the end of the HTML content. Note that this will only be applied to responses with a content type of text/html. WWW: https://github.com/lpomfrey/django-debreach
11 lines
465 B
Plaintext
11 lines
465 B
Plaintext
Basic/extra mitigation against the BREACH attack for Django projects.
|
|
|
|
django-debreach provides additional protection to Django's built in CSRF token
|
|
masking by randomizing the content length of each response.
|
|
|
|
This is achieved by adding a random string of between 12 and 25 characters as a
|
|
comment to the end of the HTML content. Note that this will only be applied to
|
|
responses with a content type of text/html.
|
|
|
|
WWW: https://github.com/lpomfrey/django-debreach
|