This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "CSRFProtector Project"
From OWASP
A V Minhaz (talk | contribs) m (Contributors modified) |
A V Minhaz (talk | contribs) |
||
Line 5: | Line 5: | ||
==OWASP CSRF Protector Project== | ==OWASP CSRF Protector Project== | ||
+ | OWASP CSRF Protector Project is an effort by a group of developers in securing web applications against Cross Site Request Forgery, providing php library and an Apache Module (to be used differently) for easy mitigation. | ||
− | + | [https://github.com/mebjas/CSRF-Protector-PHP GitHub Repo - php library]<br> | |
− | [https://github.com/mebjas/CSRF-Protector-PHP GitHub Repo - php library] | ||
[https://github.com/mebjas/mod_csrfprotector GitHub Repo - Apache module] | [https://github.com/mebjas/mod_csrfprotector GitHub Repo - Apache module] | ||
==What is CSRF Protector?== | ==What is CSRF Protector?== | ||
− | + | CSRF Protector Project has two parts: | |
+ | <li><b>Apache 2.x.x Module: </b>An Apache Module which can be easily installed and configured in an Apache Server to protect it from CSRF vulnerabilities. | ||
+ | </li> | ||
+ | <li><b>php library: </b> A standalone php library which can be integrated with any existing web application or used while creating a new php project. All developer need to do is include the library and call the initiating function. | ||
+ | </li> | ||
==Why CSRF Protector?== | ==Why CSRF Protector?== | ||
CSRF Protector is suitable for three group of developers: | CSRF Protector is suitable for three group of developers: | ||
Line 33: | Line 37: | ||
==Features Offered== | ==Features Offered== | ||
− | + | CSRF Protection provide protection for: | |
+ | * Normal HTML forms (POST/GET) | ||
+ | * Normal Get requests (Not enabled by default) | ||
+ | * Ajax Requests (XHR) | ||
+ | * Dynamically generated forms | ||
==Damages Mitigated== | ==Damages Mitigated== | ||
* Cross Site Request Forgery | * Cross Site Request Forgery |
Revision as of 11:43, 24 June 2014
OWASP CSRF Protector ProjectOWASP CSRF Protector Project is an effort by a group of developers in securing web applications against Cross Site Request Forgery, providing php library and an Apache Module (to be used differently) for easy mitigation. GitHub Repo - php library
What is CSRF Protector?CSRF Protector Project has two parts: Why CSRF Protector?CSRF Protector is suitable for three group of developers:
Project leader |
Major Contributors
Features OfferedCSRF Protection provide protection for:
Damages Mitigated
|
Quick DownloadWebsiteNews and EventsClassifications |