Implement logic that handles Anti-CRSF tokens in kendo.all.min.js, in order to avoid triggering security alerts when testing for security compliance (e.g., with OWASP ZAP).
1 comment
Dion
Posted on:26 Feb 2023 05:23
For clarity on this one. The request is not for a full Anti-CRSF implementation. That would be good and there really should be a default built into Kendo forms. However, the request is to at least adjust the JS file so that it is not constantly flagging all the security tools. This requires manual edits to the Kendo JS file that could be avoided and easily addressed.