Blog

cbSecurity 2.4 Released

Luis Majano April 02, 2020

Spread the word

Luis Majano

April 02, 2020

Spread the word


Share your thoughts

We are excited to bring you another release for cbSecurity v2.4. This update gives you access to our cross site request forgery module: cbcsrf, which will enhance your securing abilities.

# Install
install cbsecurity

# Update
update cbsecurity

What's New With 2.4.0

This release adds the inclusion of the Cross Site Request Forgery module into cbsecurity: cbcsrf. You can find all the details about this module here: https://github.com/coldbox-modules/cbcsrf. Below are the major features of this module:

Features

  • Ability to generate security tokens based on your session
  • Automatic token rotation when leveraging cbauth login and logout operations
  • Ability to on-demand rotate all security tokens for specific users
  • Leverages cbStorages to store your tokens in CacheBox, which can be easily distributed and clustered
  • Ability to create multiple tokens via unique reference keys
  • Auto-verification interceptor that will verify all non-GET operations to ensure a security token is passed via rc or headers
  • Auto-sensing of integration testing so the verifier can allow testing calls
  • Token automatic rotation on specific time periods for enhance security
  • Helpers to automatically generate hidden fields for the token
  • Automatic generation endpoint that can be used for Ajax applications to request tokens for users

Add Your Comment

Recent Entries

Ortus Will be at Adobe CF Summit 2022!

Ortus Will be at Adobe CF Summit 2022!

4 of our Ortusians will be speaking at CF Summit this year from Oct 3 - 4 in Las Vegas, Nevada. Here are all the details you need to join us and enjoy valuable CFML content to modernize your projects! We are sponsoring the event and will have a booth for you to come by and have a chat with our team!

Maria Jose Herrera
Maria Jose Herrera
September 27, 2022
Prefetching in CBWIRE

Prefetching in CBWIRE

When I want to increase the perceived speed of my CBWIRE apps, one tool I reach for is prefetching. Prefetching is a built-in feature of Livewire JS that allows you to invoke an Action's results on mouseOver.

Grant Copley
Grant Copley
September 20, 2022
Into the Box 2022 - Conference Recap

Into the Box 2022 - Conference Recap

This years Into the Box has just wrapped up, but we are already preparing for 2023’s Into the Box, May, Houston Texas! The event was a huge success, we had solid attendance in person, and almost doubled our online viewership from 2021, great feedback from attendees in Houston, and online. So many attendees didn’t say goodbye at the end of the conference, they said see you next year, which, as an organizer lets you know you’ve done things right, and the hard work has paid off.

Gavin Pickin
Gavin Pickin
September 16, 2022