Using GET requests for object actions in the django-object-actions extension (or any framework) can pose significant security risks, particularly in the context of CSRF. Let's break this down in detail:

Why Using GET for Actions Is Problematic
CSRF Vulnerability:

A CSRF attack tricks authenticated users into performing unwanted actions by making them visit a maliciously crafted URL.
Since GET requests don't typically require CSRF tokens, they are more susceptible to such attacks when used for actions.

Example: https://example.com/admin/app/model/object/action?param=value
An attacker could embed this URL in an image tag, email, or script, causing an authenticated admin to unknowingly execute the action.

Violates HTTP Semantics:

The HTTP spec dictates that GET should be safe and idempotent, meaning it should not modify server state. Using GET for actions violates this principle.
Caching Risks:

Intermediaries like proxies or browsers might cache GET responses. If your action modifies data or has sensitive side effects, caching can lead to unpredictable behavior.
Log Exposure:

Sensitive data included in GET query parameters may be logged in server logs, browser histories, or analytics systems.
Specific Risks with django-object-actions
The django-object-actions extension simplifies adding actions to Django admin, often using buttons or links. However, if these actions rely on GET requests:

Unintentional Triggering: Buttons rendered as links can be triggered by crawlers or accidental clicks.
CSRF Exploits: Attackers can embed action URLs to exploit authenticated users.

How do you secure your GET requests from CSRF? #177

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions