[Owasp-leaders] PHP CSRF Guard
vanderaj at owasp.org
Wed Jul 11 09:28:17 UTC 2012
That guy is me, and I have code for it too back in 2005 / 2006. It should
be there already.
On Tue, Jul 10, 2012 at 11:55 AM, Abbas Naderi Afooshteh <
abbas.naderi at owasp.org> wrote:
> Hi leaders,
> There was a page on the wiki
> That pointed to a Java codebase for CSRF protection by some guy. I
> contacted the guy and asked him why Java for PHP guard, and he said someone
> at OWASP had setup that wiki page mistakenly.
> So I edited the page and added some PHP code to do the same functionality,
> would really appreciate it if you took a peek on it and provided any
> I'm going to add it to PHP Security Cheat Sheet when it matures, under
> CSRF Cheat Sheet.
> *Notice:** *This message is *digitally signed*, this means that its *
> source* and *integrity* are verifiable.
> Certain mail clients would automatically verify this email and present a "
> *signed and sealed*" sign, but others might just provide a downloadable
> file (smime.p7s), which includes the X.509 certificate and the signature
> In this case, you can either ignore it or manually verify it. Read more on
> this at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> at
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders