[Owasp-leaders] PHP CSRF Guard

vanderaj vanderaj vanderaj at owasp.org
Wed Jul 11 09:28:17 UTC 2012

That guy is me, and I have code for it too back in 2005 / 2006. It should
be there already.


On Tue, Jul 10, 2012 at 11:55 AM, Abbas Naderi Afooshteh <
abbas.naderi at owasp.org> wrote:

> Hi leaders,
> There was a page on the wiki
> https://www.owasp.org/index.php/PHP_CSRF_Guard
> That pointed to a Java codebase for CSRF protection by some guy. I
> contacted the guy and asked him why Java for PHP guard, and he said someone
> at OWASP had setup that wiki page mistakenly.
> So I edited the page and added some PHP code to do the same functionality,
> would really appreciate it if you took a peek on it and provided any
> feedback.
> I'm going to add it to PHP Security Cheat Sheet when it matures, under
> CSRF Cheat Sheet.
> Regards
> -Abbas
> ______________________________________________________________
> *Notice:** *This message is *digitally signed*, this means that its *
> source* and *integrity* are verifiable.
> Certain mail clients would automatically verify this email and present a "
> *signed and sealed*" sign, but others might just provide  a downloadable
> file (smime.p7s), which includes the X.509 certificate and the signature
> body.
> In this case, you can either ignore it or manually verify it. Read more on
> this at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> at
> AbiusX.com
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120711/c09cc86b/attachment.html>

More information about the OWASP-Leaders mailing list