Talk:Summit 2011 Working Sessions/Session029


 * Use this page to capture discussion about Protecting Against CSRF working session.

= ESAPI Java CSRF protection in DefaultHTTPUtilities.java =

= CSRFGuard =

= Preventing CSRF with mod_security =

= Prevent CSRF with ModSecurity v2 (Request Validation Tokens via Content Injection) =

= WAF Capabilities to Protect Against CSRF = User:Achim (following items without any preference, order, ... simply unsorted)


 * How can WAFs be used for protections?
 * Which methods can be implemented in frameworks?