This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Summit 2011 Working Sessions/Session029

From OWASP
Jump to: navigation, search
Use this page to capture discussion about Protecting Against CSRF working session.

ESAPI Java CSRF protection in DefaultHTTPUtilities.java

CSRFGuard

Preventing CSRF with mod_security

Prevent CSRF with ModSecurity v2 (Request Validation Tokens via Content Injection)

WAF Capabilities to Protect Against CSRF

User:Achim (following items without any preference, order, ... simply unsorted)

  • How can WAFs be used for protections?
  • Which methods can be implemented in frameworks?