Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Cross-Site Request Forgery(CSRF) prevention in Struts 1.3.10

 
Mike Thomson
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am addressing some of the Ethical hack vulnerabilites to my web site like Cross site scripting, sql injection and others.
Now I am trying to incorporate the Cross-Site Request Forgery(CSRF) prevention in Struts 1.3.10.
Is struts having any feature like this or how to achieve it in struts? PLease throw some light on it. thanks.
 
Mike Thomson
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
any help?
 
Don Horrell
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have not used either yet, but I'm looking at HDIV (www.hdiv.org) and OWASP (http://www.owasp.org/index.php/CSRF_Guard). HDIV looks more efficient, as the OWASP CSRFGuard parses the HTML produced by the Web App.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic