httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abfalterer, Armin" <Armin.Abfalte...@united-security-providers.ch>
Subject AW: [users@httpd] Cross-Site Request Forgery
Date Mon, 20 Feb 2012 15:24:35 GMT
> Does anyone know of ANY web server that
> provides
> > CSRF protection at the web server level?  I'm curious.
> >

Take a look at mod_security that provides CSRF prevention mechanism by means of JS injection.

 
Mime
View raw message