CSRFGuard 3 User Manual

= Overview =

Welcome to the OWASP CSRFGuard 3 User Manual! The purpose of this article is to provide the user with guidance on obtaining, installing, deploying, and developing with the OWASP CSRFGuard library. The author's goal was to keep the User Manual informative, use to understand, and concise. If you find that one or more aspects of this document does not adhere to these goals, please me know at eric dot sheridan at owasp dot org.

= Download =

Users can download the latest release of OWASP CSRFGuard using one of the following links:


 * Click here to download the latest stable binary and associated configuration files (recommended).
 * Click here to download the latest stable archive of the project source code.

= Installation =

Installation of OWASP CSRFGuard 3 is very straight forward requiring two simple steps. First, you must copy the Owasp.CsrfGuard.jar file and map the CsrfGuardFilter in your application's deployment descriptor (web.xml). After copying over the OWASP CSRFGuard library, declare and map the CsrfGuardFilter in your application's web.xml deployment descriptor. This instructs the application server to initialize the OWASP CSRFGuard Filter protecting those resources that match the Filter mapping. You'll need to make sure you tell CsrfGuardFilter the location of your CSRFGuard properties file via the config JavaEE Filter init-param directive.


 * Click here for more detailed information regarding the installation of OWASP CSRFGuard.

= Deployment =

Miscellaneous Configurations
= Token Injection =

Dynamic JavaScript
= FAQ =