This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP .Net CSRF Guard Project"

From OWASP
Jump to: navigation, search
(Created page with "{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Project About</noinclude> | project_name = OWASP .Net CSRF Guard Project | project_home_page = .Net CSRF Guard | proje...")
 
 
Line 5: Line 5:
 
| project_home_page = .Net CSRF Guard
 
| project_home_page = .Net CSRF Guard
  
| project_description =  
+
| project_description = It seems that the root cause of CSRF is cookie-based session IDs that get auto-sent by the browser with each request. What CSRFGuard (Java and this .Net version) therefore try to do is to allow one to continue using Cookie-based sessions by layering on top of this yet another session token that isn't sent in a cookie to essentially attempt to authenticate the HTML page contents and links as belonging to a legitimate session.
  
| project_license =  
+
| project_license = [http://www.gnu.org/licenses/lgpl.html GNU Lesser GPL]
  
| leader_name1 =  
+
| leader_name1 = Jason Axley
| leader_email1 =  
+
| leader_email1 = [email protected]
| leader_username1 =  
+
| leader_username1 = Jaxley
  
 
| contributor_name1 =
 
| contributor_name1 =
Line 27: Line 27:
 
| mailing_list_name =  
 
| mailing_list_name =  
  
| project_road_map =  
+
| project_road_map = https://www.owasp.org/index.php/.Net_CSRF_Guard/Roadmap
  
| links_url1 =  
+
| links_url1 = http://code.google.com/p/owasp-code-central/
| links_name1 =  
+
| links_name1 = Source Code Repository
 
   
 
   
 
| links_url2 =  
 
| links_url2 =  

Latest revision as of 17:22, 18 May 2011

PROJECT INFO
What does this OWASP project offer you? 		RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP .Net CSRF Guard Project (home page)
Purpose: It seems that the root cause of CSRF is cookie-based session IDs that get auto-sent by the browser with each request. What CSRFGuard (Java and this .Net version) therefore try to do is to allow one to continue using Cookie-based sessions by layering on top of this yet another session token that isn't sent in a cookie to essentially attempt to authenticate the HTML page contents and links as belonging to a legitimate session.
License: GNU Lesser GPL
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: View
Main links:
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases

Retrieved from "https://wiki.owasp.org/index.php?title=Projects/OWASP_.Net_CSRF_Guard_Project&oldid=110706"