2

I'm interested in learning how to prevent Cross-site request forgeries (CSRF) in my ColdFusion 9 application. I found a few tutorials online but none seem to be comprehensive. The best I've found is: http://www.mollerus.net/tom/blog/2009/01/an_easy_block_for_crosssite_request_forgeries_csrf.html But that's not a incredibly comprehensive or clear example.

Any tutorials, examples, or pointers available for preventing CSRF?

Thanks!

AnApprentice
  • 108,152
  • 195
  • 629
  • 1,012

1 Answers1

3

You should take a look at this link. ColdFusion 10 introduced two new functions to deal with CSRF; CSRFGenerateToken() and CSRFVerifyToken().

http://www.learncfinaweek.com/week1/Cross_Site_Request_Forgery__CSRF_/

James A Mohler
  • 11,060
  • 15
  • 46
  • 72
BeefWellingtons
  • 46
  • 1