Talk:CSRF Guard

Should this be in the Countermeasure category and listed on https://www.owasp.org/index.php/Category:Countermeasure?

Absolutely - fixed

Having hard time to get it working with Weblogic 8.1
I tried it out. For some reason, I always get this following statck trace. Could you please help?

java.lang.IllegalStateException: response already committed at weblogic.servlet.jsp.JspWriterImpl.clear(JspWriterImpl.java:85) at jsp_servlet.__welcome._jspService(__welcome.java:2310) at weblogic.servlet.jsp.JspBase.service(JspBase.java:33) at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run (ServletStubImpl.java:996) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm pl.java:419) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja va:27) at org.owasp.csrf.CSRFGuard.doChain(CSRFGuard.java:96) at org.owasp.csrf.CSRFGuard.doFilter(CSRFGuard.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja va:27) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio n.run(WebAppServletContext.java:6458) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate dSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java: 118) at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe rvletContext.java:3661) at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm pl.java:2630) at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)