APEX Security Vulnerabilities?
rlm · Jul 18 2012 (edited Jul 20 2012)

We had a security audit of an APEX site that returned the following findings.
1. Vulnerable to CSRF (Cross-Site Request Forgery) attacks: "An attacker can create a special page and trick the user into visiting it while the user is logged in to the application. The special page triggers a request to the application with the user's session information. The request is forged to look like a valid request and the operation succeeds." The recommendation to correct is to include a "random token" as an additional parameter in the request.
Question: Is this a valid finding? If so, how would we implement this token process?
2. Vulnerable to browser cache reading. Recommended solution is to include "Cache-Control: no-cache" and "Cache-Control: no-store" in the response header.
Question: How can this be done in APEX?
3. Vulnerable to "clickjacking". Recommended solution is to enable the "X-Frame-Options" header on sensitive pages.
Question: How can this be done in APEX?
4. Cookie security option "HttpOnly" not enabled.
Question: How can this be done in APEX?
---------------------------------------------
Thanks,
Rob.
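The four findings above are all standard web-tier protections, so a language-neutral reference model helps to see what an APEX implementation has to achieve. The following Python is an added example written for this page, not APEX code or anything from the original thread; it models a session store, the anti-CSRF token check (finding 1), the cache and framing headers (findings 2 and 3) and an HttpOnly session cookie (finding 4) with plain dicts so it runs offline. The cookie name `app_session`, the hidden field `csrf_token` and the `/transfer` action are assumptions. In APEX the header lines are normally emitted from a "Before Header" page process using the OWA toolkit sequence `owa_util.mime_header('text/html', FALSE)`, one `htp.p('Header-Name: value')` per header and `owa_util.http_header_close`, and the token comparison belongs in a page validation that runs before any data-changing process; the HttpOnly flag is a property of whatever issues the session cookie, so check the security settings of your APEX release and web tier for it.

```python
"""Reference model (added example, not APEX code) of the four mitigations
the audit asks for: a per-session anti-CSRF token, no-store caching
headers, X-Frame-Options and an HttpOnly session cookie.

Requests and responses are plain dicts so the logic runs offline; the
session store, the cookie name 'app_session' and the form field
'csrf_token' are assumptions chosen for this example.
"""
import hmac
import secrets

# Headers every response should carry (findings 2 and 3).
# Note the directives are spelled "no-cache" / "no-store", with a hyphen.
SECURITY_HEADERS = {
    "Cache-Control": "no-cache, no-store, must-revalidate",
    "Pragma": "no-cache",             # for HTTP/1.0 caches
    "Expires": "0",
    "X-Frame-Options": "SAMEORIGIN",  # use DENY if the page is never framed
}

# In-memory session store: session id -> dict of server-side state.
SESSIONS = {}


def new_session():
    """Create a session; return its id and the Set-Cookie value (finding 4)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {}
    # HttpOnly keeps script on the page from reading the cookie;
    # Secure keeps it off plaintext HTTP.
    return sid, f"app_session={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"


def csrf_token_for(sid):
    """Mint the session's anti-CSRF token once, then reuse it (finding 1).
    The token lives server-side in the session and is copied into every
    form as a hidden field; a forged cross-site request cannot read it."""
    sess = SESSIONS[sid]
    if "csrf" not in sess:
        sess["csrf"] = secrets.token_hex(32)  # 256 bits from the CSPRNG
    return sess["csrf"]


def csrf_request_ok(sid, form):
    """Accept a state-changing request only if the submitted token matches
    the session's token. A missing token is a failure, not a pass."""
    sess = SESSIONS.get(sid)
    if sess is None or "csrf" not in sess:
        return False
    submitted = form.get("csrf_token")
    if not isinstance(submitted, str) or not submitted:
        return False
    # Constant-time comparison on bytes so non-ASCII input cannot raise.
    return hmac.compare_digest(submitted.encode(), sess["csrf"].encode())


def render_form(sid):
    """The GET side: a response whose body embeds the token and whose
    headers carry the caching and framing protections."""
    token = csrf_token_for(sid)
    body = (
        '<form method="post" action="/transfer">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input type="submit"></form>'
    )
    return {"status": 200, "headers": dict(SECURITY_HEADERS), "body": body}


def handle_post(sid, form):
    """The POST side: reject before any business logic runs."""
    if not csrf_request_ok(sid, form):
        return {"status": 403, "headers": dict(SECURITY_HEADERS),
                "body": "bad or missing CSRF token"}
    return {"status": 200, "headers": dict(SECURITY_HEADERS), "body": "ok"}


if __name__ == "__main__":
    sid, cookie = new_session()
    page = render_form(sid)
    token = csrf_token_for(sid)
    print(cookie)
    print(page["headers"])
    print(handle_post(sid, {"csrf_token": token})["status"])    # 200
    print(handle_post(sid, {})["status"])                        # 403
    print(handle_post(sid, {"csrf_token": "0" * 64})["status"])  # 403
```

The two details that matter when porting this to APEX are visible in `csrf_request_ok`: a request that omits the token is rejected rather than falling through to the stored session value, and the comparison is constant-time. Whatever mechanism carries the token (a hidden page item, an application item, a header), the validation must read the value the client actually sent on this request, not a copy that the page render already placed in session state.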