Bug#1022770: ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.

To: submit@bugs.debian.org
Subject: Bug#1022770: ITP: ruby-omniauth-rails-csrf-protection -- A gem that provides CSRF protection on OmniAuth request endpoint on Rails application.
From: Abraham Raji <work@abrahamr.in>
Date: Tue, 25 Oct 2022 20:08:30 +0530
Message-id: <[🔎] 0e577f9b-42bd-c69d-1c04-d7063c84200d@abrahamr.in>
Reply-to: Abraham Raji <work@abrahamr.in>, 1022770@bugs.debian.org

package: wnpp
Severity: wishlist
Owner: Abraham Raji <abraham@debian.org>

*Package Name      : ruby-omniauth-rails-csrf-protection
 Version           : 1.0.1
 Upstream Author   : Cookpad Inc.

*URL :https://github.com/cookpad/omniauth-rails_csrf_protection

*License           : Expat
 Programming Lang  : Ruby

*Description : A gem that provides CSRF protection on OmniAuthrequest endpoint on Rails application.

This gem provides a mitigation against [CVE-2015-9284] (Cross-SiteRequest Forgery on the request phase when using OmniAuth gem with a Rubyon Rails application) by implementing a CSRF token verifier thatdirectly uses ActionController::RequestForgeryProtection code from Rails.


.

This gem is required for the gitlab 15.4.0 update.

- Abraham

Attachment: OpenPGP_0xF67DA33EE71DFDA9.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Prev by Date: Bug#928531: marked as done (O: varmon -- VA RAID monitor)
Next by Date: Bug#1022774: ITP: itinerary -- Digital travel assistant protecting your privacy
Previous by thread: Bug#928531: marked as done (O: varmon -- VA RAID monitor)
Next by thread: Bug#1022774: ITP: itinerary -- Digital travel assistant protecting your privacy
Index(es):
- Date
- Thread