1 - About

In combostrap, we are taking security very seriously.

2 - Prevention

Below are the steps that we have taken to prevent the following attack.

2.1 - Cross-site request attack

Every form uses a token to prevent a cross-site request attack (CSRF))

2.2 - Injection Attack

To prevent an injection attack

  • every HTML output is escaped to prevent HTML/Javascript injection.
  • every SQL input is passed through parameters to prevent SQL injection

3 - Dokuwiki

Dokuwiki follows also this rules (see devel:security). We are making use of the CSRF token functionality.

4 - Reporting Security Issues

For any security concern or issue, you can contact us at security [at] combostrap [dot] com

Powered by ComboStrap