I am addressing some of the Ethical hack vulnerabilites to my web site like Cross site scripting, sql injection and others.
Now I am trying to incorporate the Cross-Site Request Forgery(CSRF) prevention in Struts 1.3.10.
Is struts having any feature like this or how to achieve it in struts? PLease throw some light on it. thanks.
I have not used either yet, but I'm looking at HDIV (www.hdiv.org) and OWASP (http://www.owasp.org/index.php/CSRF_Guard). HDIV looks more efficient, as the OWASP CSRFGuard parses the HTML produced by the Web App.
subject: Cross-Site Request Forgery(CSRF) prevention in Struts 1.3.10