This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP .Net CSRF Guard Project

Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP .Net CSRF Guard Project (home page)
Purpose: It seems that the root cause of CSRF is cookie-based session IDs that get auto-sent by the browser with each request. What CSRFGuard (Java and this .Net version) therefore try to do is to allow one to continue using Cookie-based sessions by layering on top of this yet another session token that isn't sent in a cookie to essentially attempt to authenticate the HTML page contents and links as belonging to a legitimate session.
License: GNU Lesser GPL
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: View
Main links:
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases