Blog

cbSecurity 2.4 Released

ColdBox MVC, Modules, News, Releases
Luis Majano April 02, 2020

Spread the word

Luis Majano

April 02, 2020

Spread the word

Share your thoughts

Ortus Solutions

We are excited to bring you another release for cbSecurity v2.4. This update gives you access to our cross site request forgery module: cbcsrf, which will enhance your securing abilities.

# Install
install cbsecurity

# Update
update cbsecurity

What's New With 2.4.0

This release adds the inclusion of the Cross Site Request Forgery module into cbsecurity: cbcsrf. You can find all the details about this module here: https://github.com/coldbox-modules/cbcsrf. Below are the major features of this module:

Features

  • Ability to generate security tokens based on your session
  • Automatic token rotation when leveraging cbauth login and logout operations
  • Ability to on-demand rotate all security tokens for specific users
  • Leverages cbStorages to store your tokens in CacheBox, which can be easily distributed and clustered
  • Ability to create multiple tokens via unique reference keys
  • Auto-verification interceptor that will verify all non-GET operations to ensure a security token is passed via rc or headers
  • Auto-sensing of integration testing so the verifier can allow testing calls
  • Token automatic rotation on specific time periods for enhance security
  • Helpers to automatically generate hidden fields for the token
  • Automatic generation endpoint that can be used for Ajax applications to request tokens for users

Add Your Comment

Recent Entries

Into the Box 2025 | Plan Your Trip With Us!

Into the Box 2025 | Plan Your Trip With Us!

Are you ready to join us for Into the Box 2025 from April 30th to May 2nd in Washington, D.C.? Let’s make your trip planning as smooth as possible. Here you’ll find Airfare discounts, Hotel Deals and fun things to do to the the best out of your trip to D.C.

Maria Jose Herrera
Maria Jose Herrera
January 29, 2025
BoxLang YAML Support has landed

BoxLang YAML Support has landed

We’re thrilled to introduce the bx-yaml module for BoxLang!

This powerful new module brings seamless YAML parsing and emitting capabilities to BoxLang. You can now effortlessly serialize BoxLang native types—including structs, queries, arrays, classes, and more—into YAML. The same simplicity applies to deserialization, making it easy to work with YAML data in your BoxLang applications.

Luis Majano
Luis Majano
January 28, 2025
TestBox v6.1.0 Release

TestBox v6.1.0 Release

We’re super excited to announce the release of TestBox 6.1.0! This release introduces native support for BoxLang without the need for a compatibility mode, unlocking new possibilities for developers embracing BoxLang’s dynamic capabilities. Alongside this exciting update, we’ve added valuable features, improved functionality, and resolved key issues to ensure a smoother and more robust testing experience. Dive into the details and see how TestBox 6.1.0 makes your testing even more seamless and efficient!

Luis Majano
Luis Majano
January 28, 2025