[WEB SECURITY] CSRFGuard Vs Strust-TagLib

Nitchi DaMon nitchimon at yahoo.com
Mon Apr 20 09:47:29 EDT 2009

We're in the process of implementing CSRFGuard from OWASP and have run into opposition and instead a request to install the struts.taglib to combat multiple CSRF Vulnerabilities.

I can;t seem to find any references where this taglib is used to stop CSRF Vulns.

Has anyone run into this same problem?  Has anyone implemented the taglib to combat CSRF Vulns instead of the CSRFGuard from OWASP ?

I'd be interested in your insight into this.




Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list