This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Talk:Summit 2011 Working Sessions/Session029

Jump to: navigation, search
Use this page to capture discussion about Protecting Against CSRF working session.

ESAPI Java CSRF protection in


Preventing CSRF with mod_security

Prevent CSRF with ModSecurity v2 (Request Validation Tokens via Content Injection)

WAF Capabilities to Protect Against CSRF

User:Achim (following items without any preference, order, ... simply unsorted)

  • How can WAFs be used for protections?
  • Which methods can be implemented in frameworks?