Skip to content

/ CSRF-Protector-PHP

Latest release
OWASP CSRF Protector V1.0.2
Latest release

@mebjas mebjas released this May 23, 2020

  • Moved default logger from file based implementation to php's default error_log based approach.
Assets 3
OWASP CSRF Protector 1.0.1

@mebjas mebjas released this Mar 17, 2018

https://blog.minhazav.xyz/2018/03/17/support-for-custom-logging-in-csrf-protector-library-and-more/

Assets 3
OWASP CSRF Protector php library

@mebjas mebjas released this Oct 7, 2017

Changes:

  • Support for AJAX request with application/json content type (JSON Payload). Token now transferred through request header in case of POST request (AJAX). Added support in server to handle such tokens.
  • The parameters path, domain & secure of setcookie method made configurable via config file. Developers can set them according to needs. In case of no special requirement they can use the default settings.
Assets 3
OWASP CSRF Protector php library

@mebjas mebjas released this Feb 16, 2017

Minor bug fixes, a few enhancements and more support for IE.

Changes:

  • Ability to override logging functionality by inheriting the library
  • Option to add secure flag by config value change
  • Support for multiple tabs
  • [bug fix] form submission through onchange event or js based submission doesn't fail
  • [bug fix] Echoed form support CSRF Validation
Assets 3
OWASP CSRF Protector php library

@mebjas mebjas released this Jul 25, 2014

Features

- Easy to integrate with any web application - CSRF Validation for every POST request & selected GET requests - **per request token** used - JS supports -- HTML Forms (static as well as dynamically generated) -- Ajax (both XHR & ActiveXObjects) -- Static links

Which version to use?

Assets 4