tracker issue : CF-4118885

select a category, or use search below
(searches all categories and all time range)

[AF] - Security Analyiser - Incorrect support for depreciated cfform

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/NotABug

Reporter/Name(from Bugbase): Aaron Foote / Aaron Foote (Aaron Foote)

Created: 02/17/2016

Components: Security Analyzer

Versions: 2016

Failure Type:

Found In Build/Fixed In Build: CF2016_Final /

Priority/Frequency: Minor / All users will encounter

Locale/System: English / Windows 10 64 bit

Vote Count: 0

The security Analyizer's CSRF functionally ONLY works on CFForm

 - CFFORM is depreciated and should not be receiving new features
 - As CFFORM is depreciated it should not be appearing in the docs in either code examples or used to highlight new features
 - Adobe should not be implicitly supporting the use of depreciated features
 - It is disingenuous to claim the Security Analyizer can detect CSRF.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4118885

External Customer Info:
External Company:  
External Customer Name: Aaron Foote
External Customer Email:  
External Test Config: My Hardware and Environment details:



The flash and XML forms are on the deprecated list but not the HTML form.
Comment by S P.
4716 | February 22, 2016 03:38:21 AM GMT