
    gAudit: Merge CSRF and XSS prevention from one submission to another

    PRIZES

    1st

    $150

    The challenge is finished.

    Challenge Overview


    1) Port the CSRF prevention code (CSRF token validation) from either the guarav23 or vishesh91 branch INTO the MASTER branch.

    2) Fix at least one DOM-based XSS vulnerability in header.jsp (~lines 109-123). Ideally you'd clean this up a bit too, since the retrieval of the parameters seems clunky in general.

    Make clean commits that are easy to understand (no major reformatting, etc.).

    Reliability Rating and Bonus

    For challenges that have a reliability bonus, the bonus depends on the reliability rating at the moment of registration for that project. A participant with no previous projects is considered to have no reliability rating, and therefore gets no bonus. Reliability bonus does not apply to Digital Run winnings. Since reliability rating is based on the past 15 projects, it can only have 15 discrete values.

    REVIEW STYLE:

    Final Review:

    Community Review Board

    Approval:

    User Sign-Off
