This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

CSRF Protector php library

Jump to: navigation, search

CSRF Protector php library - Standalone php library for mitigating CSRF vulnerability

What is CSRF Protector php library

Its a standalone php library for mitigating Cross Site Request Forgery (CSRF) vulnerabilities in web applications, which can be used with any existing web application or while developing a new one. More information available at github wiki

Features Offered

CSRF Protection provide protection for:

  • Normal HTML forms (POST/GET)
  • Normal Get requests (Not enabled by default)
  • Ajax Requests (XHR)
  • Dynamically generated forms

Damages Mitigated

  • Cross Site Request Forgery

How to contribute

To contribute to the code fork and send a pull to:
GitHub Repo

For discussions, join our mailing list: - Mailing List

Current Status

Version 1.0.0 Released!


All todos for CSRF Protector PHP are listed at: todofy - CSRF Protector PHP

Download Now

- CSRFP php master code