From 0189b3d39c300a635be9ab77b0ca09c8df15d12a Mon Sep 17 00:00:00 2001 From: Dennis Eichhorn Date: Sat, 23 Mar 2019 19:21:16 +0100 Subject: [PATCH] fix summary --- SUMMARY.md | 42 ++++++++++++++++++++------------- security/security_guidelines.md | 6 ++--- 2 files changed, 28 insertions(+), 20 deletions(-) diff --git a/SUMMARY.md b/SUMMARY.md index 8e050dd..1bf355c 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -33,23 +33,6 @@ * [DataMapper]({%}?page=datastorage/database/datamapper) * [Queries]({%}?page=datastorage/database/queries) -## Services -* [Filesystem]({%}?page=services/filesystem) -* [Mail]({%}?page=services/mail) -* [Money]({%}?page=services/money) -* [Uri]({%}?page=services/uri) -* [Logging]({%}?page=services/logging) -* [Localization]({%}?page=services/localization) -* [Events]({%}?page=services/events) -* [Tasks]({%}?page=services/tasks) -* [Queues]({%}?page=services/queues) -* [Collection]({%}?page=services/collection) -* [Validation]({%}?page=services/validation) -* [Charting]({%}?page=services/charting) -* [Encoding]({%}?page=services/encoding) -* [Encryption]({%}?page=services/encryption) -* [Codes]({%}?page=services/codes) - ## Code Quality * [Code Quality]({%}?page=quality/code_quality) * [Inspections]({%}?page=quality/inspections) @@ -61,3 +44,28 @@ ## Components * [Modules]({%}?page=components/modules) * [Packages]({%}?page=components/packages) +* [Charting]({%}?page=services/charting) +* [Codes]({%}?page=services/codes) + +## System +* [Events]({%}?page=services/events) +* [Filesystem]({%}?page=services/filesystem) +* [Logging]({%}?page=services/logging) +* [Tasks]({%}?page=services/tasks) + +## Message +* [Mail]({%}?page=services/mail) +* [Encoding]({%}?page=services/encoding) +* [Encryption]({%}?page=services/encryption) + +## Localization +* [Localization]({%}?page=services/localization) +* [Money]({%}?page=services/money) + +## Stdl +* [Queues]({%}?page=services/queues) +* [Collection]({%}?page=services/collection) + +## Helper +* [Validation]({%}?page=services/validation) +* [Uri]({%}?page=services/uri) \ No newline at end of file diff --git a/security/security_guidelines.md b/security/security_guidelines.md index 1f14077..967420c 100644 --- a/security/security_guidelines.md +++ b/security/security_guidelines.md @@ -2,7 +2,7 @@ ## CSRF -The tool to protect clients from CSRF is a randomly generated CSRF token, that can be used inside the URI generator. It's highly recomended to make use of this token whenever possible to reduce the risk of CSRF attacks. +The tool to protect clients from CSRF is a randomly generated CSRF token, that can be used inside the URI generator. It's highly recommended to make use of this token whenever possible to reduce the risk of CSRF attacks. Example usage: @@ -12,7 +12,7 @@ Example usage: ``` -Now the application will receive the automatically generated CSRF token as query parameter for further use. If the CSRF token is not the same as the one assoziated with the client on the server side the client will receive a 403 HTTP response. The CSRF however doesn't have be specified, if that's the case **every module itself must make sure whether a valid CSRF token is required** or not. The reason for this is that third party requests are a possibility as well, and sharing the private CSRF token would render it useless. +Now the application will receive the automatically generated CSRF token as query parameter for further use. If the CSRF token is not the same as the one associated with the client on the server side the client will receive a 403 HTTP response. The CSRF however doesn't have be specified, if that's the case **every module itself must make sure whether a valid CSRF token is required** or not. The reason for this is that third party requests are a possibility as well, and sharing the private CSRF token would render it useless. Since the validation of the CSRF token is performed automatically it is only necessary to check the existence, since if it exists it has to be valid. @@ -91,7 +91,7 @@ $response->getHeader()->set('x-frame-options', 'SAMEORIGIN'); ## Super globals -Super globals are not available througout the application and the values can only be accesed through middleware classes like: +Super globals are not available throughout the application and the values can only be accessed through middleware classes like: * SessionManager * CookieJar