Blog

cbSecurity 2.4 Released

ColdBox MVC, Modules, News, Releases
Luis Majano April 02, 2020

Spread the word

Luis Majano

April 02, 2020

Spread the word

Share your thoughts

Ortus Solutions

We are excited to bring you another release for cbSecurity v2.4. This update gives you access to our cross site request forgery module: cbcsrf, which will enhance your securing abilities.

# Install
install cbsecurity

# Update
update cbsecurity

What's New With 2.4.0

This release adds the inclusion of the Cross Site Request Forgery module into cbsecurity: cbcsrf. You can find all the details about this module here: https://github.com/coldbox-modules/cbcsrf. Below are the major features of this module:

Features

  • Ability to generate security tokens based on your session
  • Automatic token rotation when leveraging cbauth login and logout operations
  • Ability to on-demand rotate all security tokens for specific users
  • Leverages cbStorages to store your tokens in CacheBox, which can be easily distributed and clustered
  • Ability to create multiple tokens via unique reference keys
  • Auto-verification interceptor that will verify all non-GET operations to ensure a security token is passed via rc or headers
  • Auto-sensing of integration testing so the verifier can allow testing calls
  • Token automatic rotation on specific time periods for enhance security
  • Helpers to automatically generate hidden fields for the token
  • Automatic generation endpoint that can be used for Ajax applications to request tokens for users

Add Your Comment

Recent Entries

ColdBox 7.2.0 Released

ColdBox 7.2.0 Released

ColdBox, a widely used development platform for ColdFusion (CFML), has unveiled version 7.2. Packed with compelling new features, bug fixes, and enhancements, this release is designed to empower developers by boosting productivity, refining scheduled task capabilities, and enhancing the overall reliability and efficiency of application development. This article will delve into the key highlights of ColdBox 7.2 and elucidate how these advancements can positively impact developers in their daily coding endeavors.

Luis Majano
Luis Majano
November 20, 2023
Into the Box 2023 Series on CFCast

Into the Box 2023 Series on CFCast

Excitement is in the air as we unleash the highly anticipated ITB 2023 series exclusively for our valued CFCast subscribers – and the best part? It's FREE for CFCast members! Now is the perfect time if you haven't joined the CFCast community yet. Plus, we've got an incredible End-of-Year deal that's too good to miss

Maria Jose Herrera
Maria Jose Herrera
November 20, 2023
Ortus Deals are Finally Here!

Ortus Deals are Finally Here!

The much-anticipated Ortus End-of-the-Year Sale has arrived, and it's time to elevate your development experience! Whether you're a seasoned developer, a tech enthusiast, or someone on the lookout for top-notch projects, Ortus has something special in store for you. Brace yourself for incredible discounts across a wide array of products and services, including Ortus annual events, books, cutting-edge services, and more.

Maria Jose Herrera
Maria Jose Herrera
November 15, 2023