开发CSRF（跨站点请求伪造）净化器 [英] Develop CSRF(cross site request forgery) purifier

问题描述

我想开发CSRF净化器，其功能类似于HTML净化器。它将能够将用户的原始源代码转换为具有CSRF保护的新源代码（例如，将GET更改为POST或在代码之间添加ANTI CSRF令牌以防止CSRF攻击）。它将显示原始源代码和新源代码之间的转换。如果有任何在线资源，您可能对开发有所帮助，请随意提供。谢谢

Hi, i would like develope CSRF Purifier which function like a HTML Purifier. It will able to convert user''s original source code to a new one with CSRF protection (eg like changing GET to POST or adding ANTI CSRF token between codes to prevent CSRF attack). It is something that will shown the conversion between original and the new source codes. If there are any resources on-line which you all thing might be helpful to the development, please fell free to provide. Thank you

推荐答案

您可以找到足够的信息： http://bit.ly/18pO6DL [ ^ ]。



特别是，请参阅： https://www.owasp.org/index .php / Cross-Site_Request_Forgery_％28CSRF％29_Prevention_Cheat_Sheet [ ^ ]。

-SA

You can find enough information: http://bit.ly/18pO6DL[^].

In particular, please see: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet[^].

—SA

这篇关于开发CSRF（跨站点请求伪造）净化器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！