This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Summit 2011 Working Sessions/Session029

From OWASP

Jump to: navigation, search

Use this page to capture discussion about Protecting Against CSRF working session.

1 ESAPI Java CSRF protection in DefaultHTTPUtilities.java
2 CSRFGuard
3 Preventing CSRF with mod_security
4 Prevent CSRF with ModSecurity v2 (Request Validation Tokens via Content Injection)
5 WAF Capabilities to Protect Against CSRF

ESAPI Java CSRF protection in DefaultHTTPUtilities.java

CSRFGuard

Preventing CSRF with mod_security

Prevent CSRF with ModSecurity v2 (Request Validation Tokens via Content Injection)

WAF Capabilities to Protect Against CSRF

User:Achim (following items without any preference, order, ... simply unsorted)

How can WAFs be used for protections?
Which methods can be implemented in frameworks?

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:Summit_2011_Working_Sessions/Session029&oldid=101254"