gAudit: Merge CSRF and XSS prevention from one submission to another

Key Information

The challenge is finished.

Challenge Overview

1) Port the CSRF prevention code (CSRF token validation) from either guarav23 or vishesh91 branches INTO the MASTER branch

2) Fix at least one DOM-based XSS vulnerability in header.jsp (~lines 109-123). Ideally you'd clean this up a bit too, since the retrieval of the parameters seems clunky in general.

Make clean commits that are easy to understand (no major reformatting, etc.).

Reliability Rating and Bonus

For challenges that have a reliability bonus, the bonus depends on the reliability rating at the moment of registration for that project. A participant with no previous projects is considered to have no reliability rating, and therefore gets no bonus. Reliability bonus does not apply to Digital Run winnings. Since reliability rating is based on the past 15 projects, it can only have 15 discrete values.


Final Review:

Community Review Board


User Sign-Off

