cbSecurity 2.4 Released

ColdBox MVC, Modules, News, Releases

Luis Majano April 02, 2020

Spread the word

Luis Majano

April 02, 2020

Spread the word

Share your thoughts

We are excited to bring you another release for cbSecurity v2.4. This update gives you access to our cross site request forgery module: cbcsrf, which will enhance your securing abilities.

# Install
install cbsecurity

# Update
update cbsecurity

What's New With 2.4.0

This release adds the inclusion of the Cross Site Request Forgery module into cbsecurity: cbcsrf. You can find all the details about this module here: https://github.com/coldbox-modules/cbcsrf. Below are the major features of this module:

Features

Ability to generate security tokens based on your session
Automatic token rotation when leveraging cbauth login and logout operations
Ability to on-demand rotate all security tokens for specific users
Leverages cbStorages to store your tokens in CacheBox, which can be easily distributed and clustered
Ability to create multiple tokens via unique reference keys
Auto-verification interceptor that will verify all non-GET operations to ensure a security token is passed via rc or headers
Auto-sensing of integration testing so the verifier can allow testing calls
Token automatic rotation on specific time periods for enhance security
Helpers to automatically generate hidden fields for the token
Automatic generation endpoint that can be used for Ajax applications to request tokens for users

Ortus June 2024 Newsletter!

Welcome to the latest edition of the Ortus Newsletter! This month, we're excited to bring you highlights from our sessions at CFCamp and Open South Code, as well as a sneak peek into our upcoming events. Discover the latest developments in BoxLang, our dynamic new JVM language, and catch up on all the insightful presentations by our expert team. Let's dive in!

BoxLang June 2024 Newsletter!

We're thrilled to bring you the latest updates and exciting developments from the world of BoxLang. This month, we're diving into the newest beta release, introducing a new podcast series, showcasing innovative integrations, and sharing insights from recent events. Whether you're a seasoned developer or just getting started, there's something here for everyone to explore and enjoy.

BoxLang 1.0.0 Beta 3 Launched

We are thrilled to announce the release of BoxLang 1.0.0-Beta 3! This latest beta version is packed with exciting new features and essential bug fixes, including robust encryption functionality, enhanced Java interoperability, and more efficient event handling. Key highlights include the introduction of query caching capabilities, seamless coercion of Java Single Abstract Method (SAM) interfaces from BoxLang functions, and support for virtual thread executors. So, let’s dive into the details of what’s new in BoxLang 1.0.0-Beta 3 and how you can start leveraging these updates today!

Blog