This year
An Idiot's Guide to OAuth 1.0a :: Drive-by Digressions
A revision to fix some potential issues... let's patch it
2008
CsrfProtect
This class adds CSRF protection to existing PHP applications that make use of PHP's session support for authentication. If you are writing an application from scratch you shouldn't use this; it's designed to protect legacy apps that were not built with CSRF in mind.
PHP CSRF protection class
This class adds CSRF protection to existing PHP applications that make use of PHP's session support for authentication. If you are writing an application from scratch you shouldn't use this; it's designed to protect legacy apps that were not built with CSRF in mind.
Robust Defenses for Cross-Site Request Forgery [PDF]
Excellent paper, as usual from Colin Jackson
Introduction to Cross Site Request Forgeries, or Sea Surf - Apprendre-PHP.com
Cross Site Request Forgeries
Rahim_Blak’s Blog | Paper on CSRF attacks against BOXes.
Here is a paper I wrote on the CSRF vulnerabilities of the BOXes supplied to French ADSL subscribers…
Cutting-edge Think tank | Ethical Hacker Outfit | GNUCITIZEN
Examples of security issues/exploits from OpenID implementations to XSS and CSRF.
2007
sfCSRFPlugin - symfony
The sfCSRFPlugin plugin provides protection against Cross Site Request Forgeries.
2006
2005
