|Join hundreds of other Developers and InfoSec professionals for Training, Sessions and Community at our first conference of 2019|
[AppSec Tel Aviv, May 26-30th]
CSRFGuard Deprecated Releases
The purpose of this article is to reference those iterations of CSRFGuard that are no longer officially supported and managed by the development team.
Click here to download the latest version of the OWASP CSRFGuard 1.x series (Recommended).
Click here to download the latest OWASP CSRFGuard 2.0 binary.
Click here to download the latest OWASP CSRFGuard 2.0 source, binary, and sample configuration files (Recommended).
Click here to download the author's presentation at the 2007 OWASP conference in San Jose about the dangers of CSRF and a brief description of both CSRF Guard and CSRF Tester.
Version 2.2 Beta
Click here to download the latest OWASP CSRFGuard 2.2 binary.
Click here to download the latest OWASP CSRFGuard 2.2 bundle which consists of source, binary, and sample configuration files. This includes the CSRFGuard properties file, ant build/deploy script, as well as the JSP tag definition (Recommended).
Click here to download a sample web application that makes use of OWASP CSRFGuard 2.2. This version comes with the CSRFGuard binary in WEB-INF/lib but it is not guaranteed to be the latest version. Replace it with the download above. The WebContent folder contains several JSP files that were used during testing. One file, "tags.jsp", shows how to use the custom JSP tag to insert the token.
Click here for a detailed change list of the latest version.
Click here for the OWASP CSRFGuard configuration manual.
Click here for OWASP CSRFGuard installation instructions.
Click here for OWASP CSRFGuard tag library usage instructions.